- Kerberos Version 5, Release 1.3.5
+ Kerberos Version 5, Release 1.4
Release Notes
The MIT Kerberos Team
Unpacking the Source Distribution
---------------------------------
-The source distribution of Kerberos 5 comes in a gzipped tarfile,
-krb5-1.3.5.tar.gz. Instructions on how to extract the entire
-distribution follow.
+The source distribution of Kerberos 5 comes in a tarfile,
+krb5-1.4-signed.tar. The tarfile contains a gzipped tarfile,
+krb5-1.4.tar.gz, and its corresponding PGP signature,
+krb5-1.4.tar.gz.asc.
-If you have the GNU tar program and gzip installed, you can simply do:
+You will need the GNU gzip program, and preferably, the GNU tar
+program, to extract the source distribution.
- gtar zxpf krb5-1.3.5.tar.gz
-
-If you don't have GNU tar, you will need to get the FSF gzip
-distribution and use gzcat:
-
- gzcat krb5-1.3.5.tar.gz | tar xpf -
-
-Both of these methods will extract the sources into krb5-1.3.5/src and
-the documentation into krb5-1.3.5/doc.
+The distribution will extract into a subdirectory "krb5-1.4" of the
+current directory.
Building and Installing Kerberos 5
----------------------------------
and logging in as "guest" with password "guest".
-Major changes in 1.3.5
-----------------------
-
-* [2682] Fix ftpd hang caused by empty PASS command.
-
-* [2686] Fix double-free errors. [MITKRB5-SA-2004-002]
-
-* [2687] Fix denial-of-service vulnerability in ASN.1
- decoder. [MITKRB5-SA-2004-003]
-
-Minor changes in 1.3.5
-----------------------
-
-* [2016] Fix build problem in fake-addrinfo.h by including stdio.h so
- that sprintf() gets prototyped where needed on some platforms.
-
-* [2353] Add missing prototype for gss_krb5int_unseal_token_v3().
-
-* [2607] Fix enctype filtering and some memory leaks in MSLSA ccache.
-
-* [2608] Remove incorrect localization in MSLSA ccache which was
- resulting in crashes.
-
-* [2619] Update MSLSA ccache to support new LSA flag.
-
-* [2623] Update MSLSA ccache to reflect differences in registry layout
- between Windows client and server OSes.
-
-* [2624] Do not ignore the cache when obtaining TGTs from the MSLSA if
- the requested enctype is the NULL enctype.
-
-* [2626] Add Terminal Server compatibility for KfW.
-
-* [2627] Fix cc_mslsa thread safety.
-
-* [2634] Remove the caching of the ccache principal name from
- krb5_context.
-
-* [2643] Fix another problem with krb4 ticket backdating.
-
-* [2675] Add new WiX-based MSI installer for KfW.
-
-* [2677] Add "-c ccache" option to kvno; use consistent memory
- management to avoid crashes on Windows.
-
-* [2689] Misc MSLSA ccache fixes.
-
-* [2691] Improve documentation of ANSI C requirement.
-
-Major changes in 1.3.4
-----------------------
-
-* [2024, 2583, 2584] Fixed buffer overflows in
- krb5_aname_to_localname(). [MITKRB-SA-2004-001]
-
-Minor changes in 1.3.4
-----------------------
-
-* [957] The auth_to_local rules now allow for the client realm to be
- examined.
-
-* [2527, 2528, 2531] Keytab file names lacking a "FILE:" prefix now work
- under Windows.
-
-* [2533] Updated installer scripts for Windows.
-
-* [2534] Fixed memory leak for when an incorrect password is input to
- krb5_get_init_creds_password().
-
-* [2535] Added missing newline to dnssrv.c.
-
-* [2551, 2564] Use compile-time checks to determine endianness.
-
-* [2558] krb5_send_tgs() now correctly sets message_type after
- receiving a KRB_ERROR message.
-
-* [2561, 2574] Fixed memory allocation errors in the MSLSA ccache.
-
-* [2562] The Windows installer works around cases where DLLs cannot be
- unloaded.
-
-* [2585] Documentation correctly describes AES support in GSSAPI.
-
-Major changes in 1.3.3
-----------------------
-
-* [2284] Fixed accept_sec_context to use a replay cache in the
- GSS_C_NO_CREDENTIAL case. Reported by Cesar Garcia.
-
-* [2426] Fixed a spurious SIGPIPE that happened in the TCP sendto_kdc
- code on AIX. Thanks to Bill Dodd.
-
-* [2430] Fixed a crash in the MSLSA ccache.
-
-* [2453] The AES string-to-key function no longer returns a pointer to
- stack memory when given a password longer than 64 characters.
-
-Minor changes in 1.3.3
-----------------------
-
-* [2277] In sendto_kdc, a socket leak on connection failure was fixed.
- Thanks to Bill Dodd.
-
-* [2384] A memory leak in the TCP handling code in the KDC has been
- fixed. Thanks to Will Fiveash.
-
-* [2521] The Windows NSIS installer scripts are in the source tree.
-
-* [2522] The MSLSA ccache now supports Windows 9x.
-
-Major changes in 1.3.2
-----------------------
-
-* [2040, 1471, 2067, 2077, 2079, 2166, 2167, 2220, 2266] Support for
- AES in GSSAPI has been implemented. This corresponds to the
- in-progress work in the IETF (CFX).
-
-* [2049, 2139, 2148, 2153, 2182, 2183, 2184, 2190, 2202] Added a new
- ccache type "MSLSA:" for read-only access to the MS Windows LSA
- cache.
-
-* [982] On windows, krb5.exe now has a checkbox to request addressless
- tickets.
-
-* [2189, 2234] To avoid compatibility problems, unrecognized TGS
- options will now be ignored. Thanks to Wyllys Ingersoll for finding
- a problem with a previous fix.
-
-* [2218] 128-bit AES has been added to the default enctypes.
-
-* [2223, 2229] AES cryptosystem now chains IVs. This WILL break
- backwards compatibility for the kcmd applications, if they are using
- AES session keys. Thanks to Wyllys Ingersoll for finding a problem
- with a previous fix.
-
-Minor changes in 1.3.2
-----------------------
-
-* [1437] Applied patch from Stephen Grau so kinit returns non-zero
- status under certain failure conditions where it had previously
- returned zero.
-
-* [1586] On Windows, the krb4 CREDENTIALS structure has been changed
- to align with KfW's version of the structure.
-
-* [1613] Applied patch from Dave Shrimpton to avoid truncation of
- dates output from the kadmin CLI when long time zone names are
- used.
-
-* [1622] krshd no longer calls syslog from inside a signal handler, in
- an effort to avoid deadlocks on exit.
-
-* [1649] A com_err test program compiles properly on Darwin now.
-
-* [1692] A new configuration file tag "master_kdc" has been added to
- allow master KDCs to be designated separately from admin servers.
-
-* [1702] krb5_get_host_realm() and krb5_free_host_realm() are no
- longer marked as KRB5_PRIVATE.
-
-* [1711] Applied patch from Harry McGavran Jr to allow fake-addrinfo.h
- to compile on libc5 Linux platforms.
-
-* [1712] Applied patch from Cesar Garcia to fix lifetime computation
- in krb524 ticket conversion.
-
-* [1714] Fixed a 64-bit endianness bug in ticket starttime encoding in
- krb524d. Found by Cesar Garcia.
-
-* [1715] kadmind4 and v5passwdd are no longer installed on Mac OS X.
-
-* [1718] The krb4 library configure script now recognizes
- OpenDarwin/x86. Bug found by Rob Braun.
-
-* [1721] krb5_get_init_creds_password() no longer returns a spurious
- KRB5_REALM_UNKNOWN if DNS SRV record support is turned off.
-
-* [1730] krb_mk_auth() no longer overzealously clears the key
- schedule.
-
-* [1731] A double-free related to reading forwarded credentials has
- been fixed. Found by Joseph Galbraith.
-
-* [1770] Applied patch from Maurice Massar to fix a foreachaddr()
- problem that was causing the KDC to segfault on startup.
-
-* [1790] The Linux build uses $(CC) to create shared libraries,
- avoiding a libgcc problem when building libdb.
-
-* [1792] The lib/kadm5 unit tests now work around a Solaris 9
- pty-close bug.
-
-* [1793] The test suite works around some Tru64 and Irix RPATH
- issues, which previously could prevent tests from running on a build
- with shared libraries enabled.
-
-* [1799] kadmind supports callouts to the Apple password server.
-
-* [1893] KRB-SAFE messages from older releases can now be read
- successfully. Prior 1.3.x releases did not save the encoded
- KRB-SAFE message, and experienced problems when re-encoding. Found
- by Scooter Morris.
-
-* [1962] MS LSA tickets with short remaining lifetimes will be
- rejected in favor of retrieving tickets bypassing the LSA cache.
-
-* [1973] sendto_kdc.c now closes sockets with closesocket() instead of
- close(), avoiding a descriptor leak on Windows.
-
-* [1979] An erroneously short initial sequence number mask has been
- fixed.
-
-* [2028] KfW now displays a kinit dialog when GSS fails to find
- tickets.
-
-* [2051] Missing exports have been added to krb4_32.def on Windows.
-
-* [2058] Some problems with krb4 ticket lifetime backdating have
- fixed.
-
-* [2060] GSSAPI's idea of the default ccache is less sticky now.
-
-* [2068] The profile library includes prof-int.h before conditionals
- that rely on it.
-
-* [2084] The resolver library is no longer referenced by library code
- if not building with DNS SRV record support.
-
-* [2085] Updated Windows README file to reflect current compilation
- requirements, etc.
-
-* [2104] On Windows, only define strcasecmp and strncasecmp
- replacement macros if said functions are missing.
-
-* [2106] Return an error for unimplemented ccache functions, rather
- than calling through a null pointer.
-
-* [2118] Applied patch from Will Fiveash to use correct parameter for
- KDC TCP listening sockets.
-
-* [2144,2230] Memory management errors in the Windows gss.exe test
- client have been fixed.
-
-* [2171] krb5_locate_kpasswd() now correctly calls htons() on the
- kpasswd port number. Found by Arlene Berry.
-
-* [2180] The profile library now includes pthread.h when compiled with
- USE_PTHREADS.
-
-* [2181, 2224] A timeout has been added to gss-server, and a missing
- parameter to sign_server() has been added.
-
-* [2196] config.{guess,sub} have been updated from autoconf-2.59.
-
-* [2204] Windows gss.exe now has support for specifying credentials
- cache, as well as some minor bugfixes.
-
-* [2210] GSSAPI accept_sec_context() no longer unconditionally sets
- INTEG and CONF flags in contradiction to what the initiator sent.
-
-* [2212] The GSS sample application has some additional options to
- support testing of SSPI vs GSSAPI.
-
-* [2217] Windows gss.exe has new UI elements to support more flag
- settings.
-
-* [2225] In the gss sample client, some extraneous parameters have
- been removed from client_establish_context().
-
-* [2228] Copyright notices updated in GSS sample apps.
-
-* [2233] On Windows compiles with KRB5_KFW_COMPILE, the lib path for
- krbcc32.lib is now correct.
-
-* [2195, 2236, 2241, 2245] The Solaris 9 pty-close bug, which was
- affecting the test suite, has been worked around by hacking
- scheduler priorities. See the installation notes for details.
- Thanks to Bill Sommerfeld for some useful hints.
-
-* [2258] An incorrect memcpy() statement in fakeka has been fixed.
- Reported by David Thompson.
-
-Notes, Major Changes, and Known Bugs for 1.3.1
-----------------------------------------------
-
-* [1681] The incorrect encoding of the ETYPE-INFO2 preauthentication
- hint is no longer emitted, and the both the incorrect and the
- correct encodings of ETYPE-INFO2 are now accepted. We STRONGLY
- encourage deploying krb5-1.3.1 in preference to 1.3, especially on
- client installations, as the 1.3 release did not conform to the
- internet-draft for the revised Kerberos protocol in its encoding of
- ETYPE-INFO2.
-
-* [1683] The non-caching getaddrinfo() API on Mac OS X, which was
- causing significant slowdowns under some circumstances, has been
- worked around.
-
-Minor changes in 1.3.1
-----------------------
-
-* [1015] gss_accept_sec_context() now passes correct arguments to
- TREAD_STR() when reading options beyond the forwarded credential
- option. Thanks to Emily Ratliff.
-
-* [1365] The GSSAPI initiator credentials are no longer cached inside
- the GSSAPI library.
-
-* [1651] A buffer overflow in krb_get_admhst() has been fixed.
-
-* [1655] krb5_get_permitted_enctypes() and krb5_set_real_time() are
- now exported for use by Samba.
-
-* [1656] gss_init_sec_context() no longer leaks credentials under some
- error conditions.
-
-* [1657] krb_get_lrealm() no longer returns "ATHENA.MIT.EDU"
- inappropriately.
-
-* [1664] The crypto library no longer has bogus dependencies on
- com_err.
-
-* [1665] krb5_init_context() no longer multiply registers error tables
- when called more than once, preventing a memory leak.
-
-* [1666] The GSS_C_NT_* symbols are now exported from gssapi32.dll on
- Windows.
-
-* [1667] ms2mit now imports any tickets with supported enctypes, and
- does not import invalid tickets.
-
-* [1677] krb5_gss_register_acceptor_identity() no longer has an
- off-by-one in its memory allocation.
+Major changes in 1.4
+--------------------
-* [1679] krb5_principal2salt is now exported on all platforms.
+* [841] Merged Athena telnetd changes for creating a new option for
+ requiring encryption.
-* [1684] The file credentials cache is now supported if USE_CCAPI is
- defined, i.e., for KfM and KfW.
+* [1349, 2578, 2601, 2606, 2613, 2743, 2775, 2778, 2877] Add
+ implementation of the RPCSEC_GSS authentication flavor to the RPC
+ library. Thanks to Kevin Coffman and the CITI group at the
+ University of Michigan.
-* [1691] Documentation for the obsolete kdc_supported_enctypes config
- variable has been removed.
+* [2061] The kadmind4 backwards-compatibility admin server and the
+ v5passwdd backwards-compatibility password-changing server have been
+ removed.
-Notes, Major Changes, and Known Bugs for 1.3
---------------------------------------------
+* [1303, 2740, 2755, 2781, 2782, 2812, 2858, 2859, 2874, 2875, 2878,
+ 2879, 2884] Thread safety for krb5 libraries.
-* We now install the compile_et program, so other packages can use the
- installed com_err library with their own error tables. (If you use
- our com_err code, that is; see below.)
+* [2410] Yarrow code now uses AES.
-* The header files we install now assume ANSI/ISO C ('89, not '99).
- We have stopped testing on SunOS 4, even with gcc. Some of our code
- now has C89-based assumptions, like free(NULL) being well defined,
- that will probably frustrate any attempts to run this code under SunOS
- 4 or other pre-C89 systems.
+* [2678, 2802] New client commands kcpytkt and kdeltkt for Windows.
-* Some new code, bug fixes, and cleanup for IPv6 support. Most of the
- code should support IPv6 transparently now. The RPC code (and
- therefore the admin system, which is based on it) does not yet
- support IPv6. The support for Kerberos 4 may work with IPv6 in very
- limited ways, if the address checking is turned off. The FTP client
- and server do not have support for the new protocol messages needed
- for IPv6 support (RFC 2428).
+* [2688] New command mit2ms on Windows.
-* We have upgraded to autoconf 2.52 (or later), and the syntax for
- specifying certain configuration options have changed. For example,
- autoconf 2.52 configure scripts let you specify command-line options
- like "configure CC=/some/path/foo-cc", so we have removed some of
- our old options like --with-cc in favor of this approach.
+* [2762] Merged Athena changes to allow ftpd to require encrypted
+ passwords.
-* The client libraries can now use TCP to connect to the KDC. This
- may be necessary when talking to Microsoft KDCs (domain controllers),
- if they issue you tickets with lots of PAC data.
+* [2587] Incorporate gss_krb5_set_allowable_enctypes() and
+ gss_krb5_export_lucid_sec_context(), which are needed for NFSv4,
+ from Kevin Coffman.
-* If you have versions of the com_err or ss installed locally, you can
- use the --with-system-et and --with-system-ss configure options to
- use them rather than using the versions supplied here. Note that
- the interfaces are assumed to be similar to those we supply; in
- particular, some older, divergent versions of the com_err library
- may not work with the krb5 sources. Many configure-time variables
- can be used to help the compiler and linker find the installed
- packages; see the build documentation for details.
+* [2841] Fix heap buffer overflow in password history
+ mechanism. [MITKRB5-SA-2004-004]
-* The AES cryptosystem has been implemented. However, support in the
- Kerberos GSSAPI mechanism has not been written (or even fully
- specified), so it's not fully enabled. See the documentation for
- details.
+Minor changes in 1.4
+--------------------
-Major changes listed by ticket ID
----------------------------------
-
-* [492] PRNG breakage on 64-bit platforms no longer an issue due to
- new PRNG implementation.
-
-* [523] Client library is now compatible with the RC4-based
- cryptosystem used by Windows 2000.
-
-* [709] krb4 long lifetime support has been implemented.
-
-* [880] krb5_gss_register_acceptor_identity() implemented (is called
- gsskrb5_register_acceptor_identity() by Heimdal).
-
-* [1087] ftpd no longer requires channel bindings, allowing easier use
- of ftp from behind a NAT.
-
-* [1156, 1209] It is now possible to use the system com_err to build
- this release.
-
-* [1174] TCP support added to client library.
-
-* [1175] TCP support added to the KDC, but is disabled by default.
-
-* [1176] autoconf-2.5x is now required by the build system.
-
-* [1184] It is now possible to use the system Berkeley/Sleepycat DB
- library to build this release.
-
-* [1189, 1251] The KfM krb4 library source base has been merged.
-
-* [1190] The default KDC master key type is now triple-DES. KDCs
- being updated may need their config files updated if they are not
- already specifying the master key type.
-
-* [1190] The default ticket lifetime and default maximum renewable
- ticket lifetime have been extended to one day and one week,
- respectively.
-
-* [1191] A new script, k5srvutil, may be used to manipulate keytabs in
- ways similar to the krb4 ksrvutil utility.
-
-* [1281] The "fakeka" program, which emulates the AFS kaserver, has
- been integrated. Thanks to Ken Hornstein.
-
-* [1343] The KDC now defaults to not answering krb4 requests.
-
-* [1344] Addressless tickets are requested by default now.
-
-* [1372] There is no longer a need to create a special keytab for
- kadmind. The legacy administration daemons "kadmind4" and
- "v5passwdd" will still require a keytab, though.
-
-* [1377, 1442, 1443] The Microsoft set-password protocol has been
- implemented. Thanks to Paul Nelson.
-
-* [1385, 1395, 1410] The krb4 protocol vulnerabilities
- [MITKRB5-SA-2003-004] have been worked around. Note that this will
- disable krb4 cross-realm functionality, as well as krb4 triple-DES
- functionality. Please see doc/krb4-xrealm.txt for details of the
- patch.
-
-* [1393] The xdrmem integer overflows [MITKRB5-SA-2003-003] have
- been fixed.
-
-* [1397] The krb5_principal buffer bounds problems
- [MITKRB5-SA-2003-005] have been fixed. Thanks to Nalin Dahyabhai.
-
-* [1415] Subsession key negotiation has been fixed to allow for
- server-selected subsession keys in the future.
-
-* [1418, 1429, 1446, 1484, 1486, 1487, 1535, 1621] The AES
- cryptosystem has been implemented. It is not usable for GSSAPI,
- though.
-
-* [1491] The client-side functionality of the krb524 library has been
- moved into the krb5 library.
-
-* [1550] SRV record support exists for Kerberos v4.
-
-* [1551] The heuristic for locating the Kerberos v4 KDC by prepending
- "kerberos." to the realm name if no config file or DNS information
- is available has been removed.
-
-* [1568, 1067] A krb524 stub library is built on Windows.
-
-Minor changes listed by ticket ID
----------------------------------
-
-* [90] default_principal_flags documented.
-
-* [175] Docs refer to appropriate example domains/IPs now.
-
-* [299] kadmin no longer complains about missing kdc.conf parameters
- when it really means krb5.conf parameters.
-
-* [318] Run-time load path for tcl is set now when linking test
- programs.
-
-* [443] --includedir honored now.
-
-* [479] unused argument in try_krb4() in login.c deleted.
-
-* [590] The des_read_pw_string() function in libdes425 has been
- aligned with the original krb4 and CNS APIs.
-
-* [608] login.krb5 handles SIGHUP more sanely now and thus avoids
- getting the session into a weird state w.r.t. job control.
-
-* [620] krb4 encrypted rcp should work a little better now. Thanks to
- Greg Hudson.
-
-* [647] libtelnet/kerberos5.c no longer uses internal include files.
-
-* [673] Weird echoing of admin password in kadmin client worked around
- by not using buffered stdio calls to read passwords.
-
-* [677] The build system has been reworked to allow the user to set
- CFLAGS, LDFLAGS, CPPFLAGS, etc. reasonably.
-
-* [680] Related to [673], rewrite krb5_prompter_posix() to no longer
- use longjmp(), thus avoiding some bugs relating to non-restoration
- of terminal settings.
-
-* [697] login.krb5 no longer zeroes out the terminal window size.
-
-* [710] decomp_ticket() in libkrb4 now looks up the local realm name
- more correctly. Thanks to Booker Bense.
-
-* [771] .rconf files are excluded from the release now.
-
-* [772] LOG_AUTHPRIV syslog facility is now usable for logging on
- systems that support it.
-
-* [844] krshd now syslogs using the LOG_AUTH facility.
-
-* [850] Berekely DB build is better integrated into the krb5 library
- build process.
-
-* [866] lib/krb5/os/localaddr.c and kdc/network.c use a common source
- for local address enumeration now.
-
-* [882] gss-client now correctly deletes the context on error.
-
-* [919] kdc/network.c problems relating to SIOCGIFCONF have been
- fixed.
-
-* [922] An overflow in the string-to-time conversion routines has been
- fixed.
-
-* [933] krb524d now handles single-DES session keys other than of type
- des-cbc-crc.
-
-* [935] des-cbc-md4 now included in default enctypes.
-
-* [939] A minor grammatical error has been fixed in a telnet client
- error message.
-
-* [953] des3 no longer failing on Windows due to SHA1 implementation
- problems.
+Please see
-* [964] kdb_init_hist() no longer fails if master_key_enctype is not
- in supported_enctypes.
+http://krbdev.mit.edu/rt/NoAuth/krb5-1.4/fixed-1.4.html
-* [970] A minor inconsistency in ccache.tex has been fixed.
+for a complete list.
-* [971] option parsing bugs rendered irrelevant by removal of unused
- gss mechanism.
+* [249] Install example config files.
-* [976] make install mentioned in build documentation.
+* [427] PATH environment variable won't be overwritten by login.krb5
+ if already set.
-* [986] Related to [677], problems with the ordering of LDFLAGS
- initialization rendered irrelevant by use of native autoconf
- idioms.
+* [696] Sample KDC propagation script fixed.
-* [992] Related to [677], quirks with --with-cc no longer relevant as
- AC_PROG_CC is used instead now.
+* [868] Fixed search for res_search() and friends.
-* [999] The kdc_default_options configuration variable is now honored.
- Thanks to Emily Ratliff.
+* [927] Compilation on Tru64 now detects GNU linker and chooses
+ whether to use -oldstyle_liblookup accordingly.
-* [1006] Client library, as well as KDC, now perform reasonable
- sorting of ETYPE-INFO preauthentication data.
+* [1044] port-sockets.h explicitly declares h_errno if the declaration
+ is missing.
-* [1055] NULL pointer dereferences in code calling
- krb5_change_password() have been fixed.
+* [1210] KDC cleans up some per-listener state upon process
+ termination to avoid spurious memory leak indications.
-* [1063] Initial credentials acquisition failures related to client
- host having a large number of local network interfaces should be
- fixed now.
+* [1335] The server side of the Horowitz password-change protocol now
+ checks for minimum password life.
-* [1064] Incorrect option parsing in the gssapi library is no longer
- relevant due to removal of the "v2" mechanism.
+* [1345, 2730, 2757] patchlevel.h is now the master version file.
-* [1065, 1225] krb5_get_init_creds_password() should properly warn about
- password expiration.
+* [1364] GNU sed is no longer required to make depend on Irix.
-* [1066] printf() argument mismatches in rpc unit tests fixed.
+* [1383] SRV record support now handles "." target and adds trailing
+ dots to avoid spurious multiple hostname queries.
-* [1085] The krb5.conf manpage has been re-synchronized with other
- documentation.
+* [1497] A memory leak in the krb5 context serializer has been fixed.
-* [1102] gssapi_generic.h should now work with C++.
+* [1570] Some team procedures now documented.
-* [1135] The kadm5 ACL system is better documented.
+* [1588] Automatic rebuilding of configure scripts, etc. are only done
+ if --enable-maintainer-mode is passed to configure.
-* [1136] Some documentation for the setup of cross-realm
- authentication has been added.
+* [1623] Memory management in the ftp client has been cleaned up.
-* [1164] krb5_auth_con_gen_addrs() now properly returns errno instead
- of -1 if getpeername() fails.
+* [1724] DNS SRV record lookup support is unconditionally built on
+ Unix.
-* [1173] Address-less forwardable tickets will remain address-less
- when forwarded.
+* [1791] Replacement for daemon() is compiled separately each time it
+ is needed, rather than ending up in the krb5 library.
-* [1178, 1228, 1244, 1246, 1249] Test suite has been stabilized
- somewhat.
+* [1806] Default to building shared libraries on most platforms that
+ support them.
-* [1188] As part of the modernization of our usage of autoconf,
- AC_CONFIG_FILES is now used instead of passing a list of files to
- AC_OUTPUT.
+* [1847] Fixed daemon() replacement to build on Tru64.
-* [1194] configure will no longer recurse out of the top of the source
- tree when attempting to locate the top of the source tree.
+* [1850] Fixed some 0 vs NULL issues.
-* [1192] Documentation for the krb5 afs functionality of krb524d has
- been written.
+* [2066] AES-only configuration now tested in test suite.
-* [1195] Example krb5.conf file modified to include all enctypes
- supported by the release.
+* [2219] Fixed memory leak in KDC preauth handling.
-* [1202] The KDC no longer rejects unrecognized flags.
+* [2256] Use $(CC) rather than ld to build shared libs on Tru64 and
+ Irix.
-* [1203] krb5_get_init_creds_keytab() no longer does a double-free.
+* [2276] Support for the non-standard enctype
+ ENCTYPE_LOCAL_DES3_HMAC_SHA1 has been removed.
-* [1211] The ASN.1 code no longer passes (harmless) uninitialized
- values around.
+* [2285] Test suite checks TCP access to KDC.
-* [1212] libkadm5 now allows for persistent exclusive database locks.
+* [2295] Minor stylistic cleanup in gss-client.
-* [1217] krb5_read_password() and des_read_password() are now
- implemented via krb5_prompter_posix().
+* [2296, 2370, 2424] krb5_get_init_creds() APIs avoid multiple queries
+ to master KDC.
-* [1224] For SAM challenges, omitted optional strings are no longer
- encoded as zero-length strings.
+* [2379] Remove _XOPEN_EXTENDED hack previously used for HP-UX.
-* [1226] Client-side support for SAM hardware-based preauth
- implemented.
+* [2432] Only sanity-check setutent() API if utmpx.h is not present,
+ as this was preventing recent NetBSD from configuring.
-* [1229] The keytab search logic no longer fails prematurely if an
- incorrect encryption type is found. Thanks to Wyllys Ingersoll.
+* [2525] kvno.exe installed on Windows.
-* [1232] If the master KDC cannot be resolved, but a slave is
- reachable, the client library now returns the real error from the
- slave rather than the resolution failure from the master. Thanks to
- Ben Cox.
+* [2529] Fix some internal type inconsistencies in gssapi library.
-* [1234] Assigned numbers for SAM preauth have been corrected.
- sam-pk-for-sad implementation has been aligned.
+* [2530] Fix KRB5_CALLCONV usage in krb5_cc_resolve().
-* [1237] Profile-sharing optimizations from KfM have been merged.
+* [2537] Apply fix from John Hascall to make krb5_get_in_tkt()
+ emulation actually honor the lifetimes in the input credentials.
-* [1240] Windows calling conventions for krb5int_c_combine_keys() have
- been aligned.
+* [2539] Create manpage for krb524d.
-* [1242] Build system incompatibilities with Debian's chimeric
- autoconf installation have been worked around.
+* [2573] The rcache code no longer attempts to close a negative file
+ descriptor from a failed open.
-* [1256] Incorrect sizes passed to memset() in combine_keys()
- operations have been corrected.
+* [2591] The gssapi library now requires that the initiator's channel
+ bindings match those provided by the acceptor, if the acceptor
+ provides them at all.
-* [1260] Client credential lookup now gets new service tickets in
- preference to attempting to use expired ticketes. Thanks to Ben
- Cox.
+* [2592] Fix some HP-UX 11 compilation issues.
-* [1262, 1572] Sequence numbers are now unsigned; negative sequence
- numbers will be accepted for the purposes of backwards
- compatibility.
+* [2598] Fix some HP-UX 11 foreachaddr() issues.
-* [1263] A heuristic for matching the incorrectly encoded sequence
- numbers emitted by Heimdal implementations has been written.
+* [2600] gss_accept_sec_context() no longer leaks rcaches.
-* [1284] kshd accepts connections by IPv6 now.
+* [2603] Clean up some issues relating to use of reserved namespace in
+ k5-platform.h.
-* [1292] kvno manpage title fixed.
+* [2614] Rewrite handling of whitespace in profile library to better
+ handle whitespace around tag names.
-* [1293] Source files no longer explicitly attempt to declare errno.
+* [2629] Fix double-negation of a preprocessor test in osconf.h.
-* [1304] kadmind4 no longer leaves sa_flags uninitialized.
+* [2637] krb5int_zap_data() uses SecureZeroMemory on Windows instead
+ of memset().
-* [1305] Expired tickets now cause KfM to pop up a password dialog.
+* [2654] krb5_get_init_creds() checks for overflow/underflow on 32-bit
+ timestamps.
-* [1309] krb5_send_tgs() no longer leaks the storage associated with
- the TGS-REQ.
+* [2655] krb5_get_init_creds() no longer issues requests where the
+ renew_until time precedes the expiration time.
-* [1310] kadm5_get_either() no longer leaks regexp library memory.
+* [2656] krb5_get_init_creds() supports ticket_lifetime libdefault.
-* [1311] Output from krb5-config no longer contains spurious uses of
- $(PURE).
+* [2657] Default ccache name is evaluated more lazily.
-* [1324] The KDC no longer logs an inappropriate "no matching key"
- error when an encrypted timestamp preauth password is incorrect.
+* [2661] Handle return of ai_canonname=NULL from getaddrinfo().
-* [1334] The KDC now returns a clockskew error when the timestamp in
- the encrypted timestamp preauth is out of bounds, rather than just
- returning a preauthentcation failure.
+* [2665] Fix leak in cc_resolve, reported by Paul Moore.
-* [1342] gawk is no longer required for building kerbsrc.zip for the
- Windows build.
+* [2674] libkadm5 acl_init() API renamed to avoid conflict with MacOS
+ X acl API.
-* [1346] gss_krb5_ccache_name() no longer attempts to return a pointer
- to freed memory.
+* [2684, 2710, 2728] Use BIND 8 parsing API when available.
-* [1351] The filename globbing vulnerability [CERT VU#258721] in the
- ftp client's handling of filenames beginning with "|" or "-"
- returned from the "mget" command has been fixed.
+* [2685] The profile library iterators no longer get confused when
+ modifications are made to the in-memory profile.
-* [1352] GSS_C_PROT_READY_FLAG is no longer asserted inappropriately
- during GSSAPI context establishment.
+* [2694] The krb5-config script now has a manpage.
-* [1356] krb5_gss_accept_sec_context() no longer attempts to validate
- a null credential if one is passed in.
+* [2704] New ccache API flag to request only information, not actual
+ credentials.
-* [1362] The "-a user" option to telnetd now does the right thing.
- Thanks to Nathan Neulinger.
+* [2705] Support for upcoming read/write MSLSA ccache.
-* [1363] ksu no longer inappropriately syslogs to stderr.
+* [2706] resolv.h is included when searching for res_search() and
+ friends, to account for symbol renaming.
-* [1357] krb__get_srvtab_name() no longer leaks memory.
+* [2715] The install-strip make target no longer attempts to strip
+ scripts.
-* [1370] GSS_C_NO_CREDENTIAL now accepts any principal in the keytab.
+* [2718] Fix memory leak in arcfour string_to_key. Reported by
+ Derrick Schommer.
-* [1373] Handling of SAM preauth no longer attempts to stuff a size_t
- into an unsigned int.
+* [2719] Fix memory leak in rd_cred.c. Reported by Derrick Schommer.
-* [1387] BIND versions later than 8 now supported.
+* [2725] Fix memory leak in mk_req_extended(). Reported by Derrick
+ Schommer.
-* [1392] The getaddrinfo() wrapper should work better on AIX.
+* [2729] Add some new version strings for Windows.
-* [1400] If DO_TIME is not set in the auth_context, and no replay
- cache is available, no replay cache will be used.
+* [2734] The ticket_lifetime libdefault now uses units of seconds by
+ default, if no units are provided.
-* [1406, 1108] libdb is no longer installed. If you installed
- krb5-1.3-alpha1, you should ensure that no spurious libdb is left in
- your install tree.
+* [2741] The profile library's error tables aren't loaded on MacOS X.
-* [1412] ETYPE_INFO handling no longer goes into an infinite loop.
+* [2750] Calls to the profile library which set values no longer fail
+ if the file is not writable.
-* [1414] libtelnet is now built using the same library build framework
- as the rest of the tree.
+* [2751] The profile library has a new API to detect whether the
+ default profile is writable.
-* [1417] A minor memory leak in krb5_read_password() has been fixed.
+* [2753] An initial C implementation of CCAPI has been done.
-* [1419] A memory leak in asn1_decode_kdc_req_body() has been fixed.
+* [2754] fake-addrinfo.h includes errno.h earlier.
-* [1435] inet_ntop() is now emulated when needed.
+* [2756] The profile library calls stat() less frequently on files.
-* [1439] krb5_free_pwd_sequences() now correctly frees the entire
- sequence of elements.
+* [2760, 2780] The keytab implementation checks for cases where
+ fopen() can return NULL without setting errno. Reported by Roland
+ Dowdeswell.
-* [1440] errno is no longer explicitly declared.
+* [2770] com_err now creates valid prototypes for generated files.
+ Reported by Jeremy Allison.
-* [1441] kadmind should now return useful errors if an unrecognized
- version is received in a changepw request.
+* [2772, 2797] The krb4 library now honors the dns_fallback libdefault
+ setting.
-* [1454, 1480, 1517, 1525] The etype-info2 preauth type is now
- supported.
+* [2776, 2779] Solaris patches exist for the pty-close race condition
+ bug. We check for these patches now checked, and don't apply the
+ priocntl hack if they are present.
-* [1459] (KfM/KLL internal) config file resolution can now be
- prevented from accessing the user's homedir.
+* [2783] ftpcmds.y unconditionally defines NBBY to 8.
-* [1463] Preauth handling in the KDC has been reorganized.
+* [2793] locate_kdc.c can compile if KRB5_DNS_LOOKUP isn't defined,
+ though we removed the configure-time option for this.
-* [1470] Double-free in client-side preauth code fixed.
+* [2795] Fixed some addrinfo problems that affected Irix.
-* [1473] Ticket forwarding when the TGS and the end service have
- different enctypes should work somewhat better now.
+* [2796, 2840] Calling conventions for some API functions for Windows
+ have been fixed.
-* [1474] ASN.1 testsuite memory management has been cleaned up a
- little to allow for memory leak checking.
+* [2805] Windows NSIS installer script updated.
-* [1476] Documentation updated to reflect default krb4 mode.
+* [2808] Support library renamed on Windows.
-* [1482] RFC-1964 OIDs now provided using the suggested symbolic
- names.
+* [2815] krb5-config updated to reference new support library.
-* [1483, 1528] KRB5_DEPRECATED is now false by default on all
- platforms.
+* [2814, 2816] Some MSLSA ccache features depending on non-public SDK
+ features were backed out.
-* [1488] The KDC will now return integrity errors if a decryption
- error is responsible for preauthentication failure.
+* [2818] Don't create empty array for addresses in MSLSA ccache.
-* [1492] The autom4te.cache directories are now deleted from the
- release tarfiles.
+* [2832] Fix shared library build on sparc64-netbsd.
-* [1501] Writable keytabs are registered by default.
+* [2833, 2834, 2835] Add support for generating/installing debugging
+ symbols on Windows.
-* [1515] The check for cross-realm TGTs no longer reads past the end
- of an array.
+* [2838] Fix termination of incorrect string in telnetd.
-* [1518] The kdc_default_options option is now actually honored.
+* [2854] Fix memory leak in ccache.
-* [1519] The changepw protocol implementation in kadmind now logs
- password changes.
+* [2857] Fix memory leak in asn1_decode_generaltime().
-* [1520] Documentation of OS-specific build options has been updated.
+* [2861] Minor documenation fixes.
-* [1536] A missing prototype for krb5_db_iterate_ext() has been
- added.
+* [2865] New API function krb5_is_thread_safe() to test for thread
+ safety.
-* [1537] An incorrect path to kdc.conf show in the kdc.conf manpage
- has been fixed.
+* [2870, 2881] Fix crash in MSLSA ccache.
-* [1540] verify_as_reply() will only check the "renew-till" time
- against the "till" time if the RENEWABLE is not set in the request.
+* [2871] Handle read() returning -1 in prng.c.
-* [1547] gssftpd no longer uses vfork(), as this was causing problems
- under RedHat 9.
+* [2872] Fix memory leak in DNS lookup code.
-* [1549] SRV records with a value of "." are now interpreted as a lack
- of support for the protocol.
-
-* [1553] The undocumented (and confusing!) kdc_supported_enctypes
- kdc.conf variable is no longer used.
-
-* [1560] Some spurious double-colons in password prompts have been
- fixed.
-
-* [1571] The test suite tries a little harder to get a root shell.
-
-* [1573] The KfM build process now sets localstatedir=/var/db.
-
-* [1576, 1575] The client library no longer requests RENEWABLE_OK if
- the renew lifetime is greater than the ticket lifetime.
-
-* [1587] A more standard autoconf test to locate the C compiler allows
- for gcc to be found by default without additional configuration
- arguments.
-
-* [1593] Replay cache filenames are now escaped with hyphens, not
- backslashes.
-
-* [1598] MacOS 9 support removed from in-tree com_err.
-
-* [1602] Fixed a memory leak in make_ap_req_v1(). Thanks to Kent Wu.
-
-* [1604] Fixed a memory leak in krb5_gss_init_sec_context(), and an
- uninitialized memory reference in kg_unseal_v1(). Thanks to Kent
- Wu.
-
-* [1607] kerberos-iv SRV records are now documented.
-
-* [1610] Fixed AES credential delegation under GSSAPI.
-
-* [1618] ms2mit no longer inserts local addresses into tickets
- converted from the MS ccache if they began as addressless tickets.
-
-* [1619] etype_info parser (once again) accepts extra field emitted by
- Heimdal.
-
-* [1643] Some typos in kdc.conf.M have been fixed.
-
-* [1648] For consistency, leading spaces before preprocessor
- directives in profile.h have been removed.
-
---[ DELETE BEFORE RELEASE ---changes to unreleased code, etc.--- ]--
-
-* [1054] KRB-CRED messages for RC4 are encrypted now.
-
-* [1177] krb5-1-2-2-branch merged onto trunk.
-
-* [1193] Punted comment about reworking key storage architecture.
-
-* [1208] install-headers target implemented.
-
-* [1223] asn1_decode_oid, asn1_encode_oid implemented
-
-* [1248] RC4 is explicitly excluded from combine_keys.
-
-* [1276] Generated dependencies handle --without-krb4 properly now.
-
-* [1339] An inadvertent change to the krb4 get_adm_hst API (strcpy vs
- strncpy etc.) has been fixed.
-
-* [1384, 1413] Use of autoconf-2.52 in util/reconf will now cause a
- warning.
-
-* [1388] DNS support is turned on in KfM.
-
-* [1391] Fix kadmind startup failure with krb4 vuln patch.
-
-* [1409] get_ad_tkt() now prompts for password if there are no tickets
- (in KfM).
-
-* [1447] vts_long() and vts_short() work now.
-
-* [1462] KfM adds exports of set_pw calls.
-
-* [1477] compile_et output not used in err_txt.c.
-
-* [1495] KfM now exports string_to_key_with_params.
-
-* [1512, 1522] afs_string_to_key now works with etype_info2.
-
-* [1514] krb5int_populate_gic_opt returns void now.
-
-* [1521] Using an afs3 salt for an AES key no longer causes
- segfaults.
-
-* [1533] krb524.h no longer contains invalid Mac pragmas.
-
-* [1546] krb_mk_req_creds() no longer zeros the session key.
-
-* [1554] The krb4 string-to-key iteration now accounts correctly for
- the decrypt-in-place semantics of libdes425.
-
-* [1557] KerberosLoginPrivate.h is now correctly included for the use
- of __KLAllowHomeDirectoryAccess() in init_os_ctx.c (for KfM).
-
-* [1558] KfM exports the new krb524 interface.
-
-* [1563] krb__get_srvtaname() no longer returns a pointer that is
- free()d upon a subsequent call.
-
-* [1569] A debug statement has been removed from krb524init.
-
-* [1592] Document possible file rename lossage when building against
- system libdb.
-
-* [1594] Darwin gets an explicit dependency of err_txt.o on
- krb_err.c.
-
-* [1596] Calling conventions, etc. tweaked for KfW build of
- krb524.dll.
-
-* [1600] Minor tweaks to README to improve notes on IPv6, etc.
-
-* [1605] Fixed a leak of subkeys in krb5_rd_rep().
-
-* [1630] krb5_get_in_tkt_with_keytab() works now; previously borken by
- reimplementation in terms of krb5_get_init_creds().
-
-* [1642] KfM build now inherits CFLAGS and LDFLAGS from parent project.
+* [2887] Fix null pointer dereference in krb5_unparse_name().
Copyright Notice and Legal Administrivia
----------------------------------------
in respect of any properties, including, but not limited to, correctness
and fitness for purpose.
-
-
-Acknowledgements
-----------------
+---- The implementation of the RPCSEC_GSS authentication flavor in
+src/lib/rpc has the following copyright:
+
+ Copyright (c) 2000 The Regents of the University of Michigan.
+ All rights reserved.
+
+ Copyright (c) 2000 Dug Song <dugsong@UMICH.EDU>.
+ All rights reserved, all wrongs reversed.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. Neither the name of the University nor the names of its
+ contributors may be used to endorse or promote products derived
+ from this software without specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
+ WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+ MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+ BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+Acknowledgments
+---------------
Appreciation Time!!!! There are far too many people to try to thank
them all; many people have contributed to the development of Kerberos
V5. This is only a partial listing....
-Thanks to Paul Vixie and the Internet Software Consortium for funding
-the work of Barry Jaspan. This funding was invaluable for the OV
-administration server integration, as well as the 1.0 release
-preparation process.
-
-Thanks to John Linn, Scott Foote, and all of the folks at OpenVision
-Technologies, Inc., who donated their administration server for use in
-the MIT release of Kerberos.
-
-Thanks to Jeff Bigler, Mark Eichin, Marc Horowitz, Nancy Gilman, Ken
-Raeburn, and all of the folks at Cygnus Support, who provided
-innumerable bug fixes and portability enhancements to the Kerberos V5
-tree. Thanks especially to Jeff Bigler, for the new user and system
-administrator's documentation.
-
-Thanks to Doug Engert from ANL for providing many bug fixes, as well
-as testing to ensure DCE interoperability.
-
-Thanks to Ken Hornstein at NRL for providing many bug fixes and
-suggestions, and for working on SAM preauthentication.
-
-Thanks to Matt Crawford at FNAL for bugfixes and enhancements.
-
-Thanks to Sean Mullan and Bill Sommerfeld from Hewlett Packard for
-their many suggestions and bug fixes.
+Thanks to Kevin Coffman and the CITI group at the University of
+Michigan for providing patches for implementing RPCSEC_GSS
+authentication in the RPC library.
-Thanks to Nalin Dahyabhai of RedHat and Chris Evans for locating and
-providing patches for numerous buffer overruns.
+Thanks to Derrick Schommer for reporting multiple memory leaks.
-Thanks to Christopher Thompson and Marcus Watts for discovering the
-ftpd security bug.
+Thanks to Quanah Gibson-Mount of Stanford University for helping
+exercise the thread support code.
-Thanks to Paul Nelson of Thursby Software Systems for implementing the
-Microsoft set password protocol.
+Thanks to Michael Tautschnig for reporting the heap buffer overflow in
+the password history mechanism. [MITKRB5-SA-2004-004]
Thanks to the members of the Kerberos V5 development team at MIT, both
past and present: Danilo Almeida, Jeffrey Altman, Jay Berkenbilt,
+2005-01-03 Ken Raeburn <raeburn@mit.edu>
+
+ * build.texinfo (The util Directory): Add the new support
+ library.
+ (Installing the Binaries): Discuss parallel builds under GNU
+ make.
+
+ * implementor.texinfo (Host Address Lookup): Document Mac OS X
+ issues.
+
+ * threads.txt, thread-safety.txt: Updates.
+
+2004-11-19 Tom Yu <tlyu@mit.edu>
+
+ * build.texinfo (Solaris 9): Document Solaris patches for pty
+ close bug.
+
2004-10-06 Ken Raeburn <raeburn@mit.edu>
* implementor.texinfo, thread-safe.txt, threads.txt: Various
and @code{kdc.conf}). Also in this directory are the Kerberos error table
library and utilities (@i{et}), the Sub-system library and utilities
(@i{ss}), database utilities (@i{db2}), pseudo-terminal utilities
-(@i{pty}), and bug-reporting program @code{send-pr}.
+(@i{pty}), bug-reporting program @code{send-pr}, and a generic
+support library @code{support} used by several of our other libraries.
@node Build Requirements, Unpacking the Sources, Organization of the Source Directory, Building Kerberos V5
@section Build Requirements
you will need to use a tool such as @samp{lndir} to produce a symbolic
link tree for your build tree.
+@c Library support...
+
@node Unpacking the Sources, Doing the Build, Build Requirements, Building Kerberos V5
@section Unpacking the Sources
Note that if you want to test the build (see @ref{Testing the Build}),
you usually do not need to do a @code{make install} first.
+Some implementations of @samp{make} allow multiple commands to be run in
+parallel, for faster builds. We test our Makefiles in parallel builds with
+GNU @samp{make} only; they may not be compatible with other parallel build
+implementations.
+
@node Testing the Build, Options to Configure, Installing the Binaries, Building Kerberos V5
@section Testing the Build
as root, where @code{nnnn} is the pid of the shell whose priority
limit you wish to raise.
+Sun has released kernel patches for this race condition. Apply patch
+117171-11 for sparc, or patch 117172-11 for x86. Later revisions of
+the patches should also work. It is not necessary to run ``make
+check'' from a shell with elevated priority limits once the patch has
+been applied.
+
@node SGI Irix 5.X, Ultrix 4.2/3, Solaris 9, OS Incompatibilities
@subsection SGI Irix 5.X
No known bugs here, but as of IRIX 6.5.7, the version we're using at
MIT, these functions had not been implemented.
+@item Mac OS X
+Two problems have been found with @code{getaddrinfo} on Mac OS X, at
+least under version 10.3. First, while @code{gethostbyname} data is
+cached to make multiple lookups of the same name (@i{e.g.}, by
+different parts of the code that need to know about the same server
+host), @code{getaddrinfo} results are not cached, so multiple queries
+mean multiple DNS requests, which means more delays if the DNS servers
+are not close by and fast to respond. We've implemented a cache of
+our own to work around this, though it only applies to multiple
+lookups in a short period of time within the same application process,
+and it's only implemented for the Mac at the moment.
+
+Second, the Mac libraries will generate a DNS SRV RR query; as far as
+I [Ken] can tell this is a bug, but Apple seems to consider it a
+feature. (Call @code{getaddrinfo("example.com", "telnet", ...)} and
+you get a SRV record query, but the spec on SRV records says you must
+not use them unless the specification for the service in question says
+to.) Yet more network traffic for each name to look up.
+
@item NetBSD
As of NetBSD 1.5, this function is not thread-safe. In 1.5X
(intermediate code snapshot between 1.5 and 1.6 releases), the
Uses: getaddrinfo, getnameinfo. According to current specifications,
getaddrinfo should be thread-safe; some implementations are not, and
-we're not attempting to figure out which ones.
+we're not attempting to figure out which ones. NetBSD 1.6, for
+example, had an unsafe implementation.
Uses: res_ninit, res_nsearch. If these aren't available, the non-'n'
-versions will be used, and they are not thread-safe.
+versions will be used, and they are sometimes not thread-safe.
Uses: mkstemp, mktemp -- Are these, or our uses of them, likely to be
thread-safe?
code. These are fine as long as no other threads are accessing the
same terminal at the same time.
+Uses: fopen. This is thread-safe, actually, but a multi-threaded
+server is likely to be using lots of file descriptors. On 32-bit
+Solaris platforms, fopen will not work if the next available file
+descriptor number is 256 or higher. This can cause the keytab code to
+fail.
+
Statics: prompter.c: interrupt flag
Statics: ccdefops.c: default operations table pointer
-Statics: ktdefname.c: variable to override default keytab name, NEEDS LOCKING
+Statics: ktdefname.c: variable to override default keytab name, NO
+LOCKING. DON'T TOUCH THESE VARIABLES, at least in threaded programs.
Statics: conv_creds.c: debug variable
Statics: sendto_kdc.c: debug variable, in export list for KDC
-Statics: parse.c: default realm cache, NOT THREAD SAFE
+Statics: parse.c: default realm cache, changed to not cache
Statics: krb5_libinit.c: lib init aux data
Statics: ktbase.c, ccbase.c, rc_base.c: type registries and mutexes.
-Needs work: keytab locking
-
----------------
libgssapi_krb5
modification in those objects will be protected by mutexes or other
means, within the krb5 library.)
+The simple, exposed data structures in krb5.h like krb5_principal are
+not protected; they should not be used in one thread while another
+thread might be modifying them. (TO DO: Build a list of which calls
+keep references to supplied data or return references to
+otherwise-referenced data, as opposed to everything making copies.)
+
+
+
+[ This part is a little outdated already. ]
+
// Between these two, we should be able to do pure compile-time
// and pure run-time initialization.
// POSIX: partial initializer is PTHREAD_MUTEX_INITIALIZER,
int k5_setspecific(k5_key_t, const void *);
... stuff to signal library termination ...
+This is **NOT** an exported interface, and is subject to change.
On many platforms with weak reference support, we can declare certain
symbols to be weak, and test the addresses before calling them. The
calling dlsym(NULL) causes the pthread library to get loaded, so we're
going to just go ahead and link against it anyways.
+On Tru64 we also link against the thread library always.
+
For now, the basic model is:
If weak references supported, use them.
- Else, assume support is present.
+ Else, assume support is present; if that means explicitly pulling in
+ the thread library, so be it.
+
+
+The locking described above may not be sufficient, at least for good
+performance. At some point we may want to switch to read/write locks,
+so multiple threads can grovel over a data structure at once as long
+as they don't change it.
See also notes in src/include/k5-thread.h.
+2005-01-12 Tom Yu <tlyu@mit.edu>
+
+ * aclocal.m4 (AC_LIBRARY_NET): Also check for res_ndestroy.
+
+2004-12-16 Ezra Peisach <epeisach@bu.edu>
+
+ * krb5-config.in: Add krb5support library.
+
+2004-12-15 Jeffrey Altman <jaltman@mit.edu>
+
+ * Makefile.in: build/clean/install/etc kcpytkt,kdeltkt,ms2mit
+
+2004-11-19 Tom Yu <tlyu@mit.edu>
+
+ * aclocal.m4 (KRB5_AC_PRIOCNTL_HACK): Check for Solaris patch
+ 117171-11 (sparc) or 117172-11 (x86), which fixes the Solaris 9
+ bug which can cause final pty output to be on close.
+
+2004-11-18 Tom Yu <tlyu@mit.edu>
+
+ * Makefile.in (install-headers-mkdirs): Create KRB5_INCDIR/gssrpc.
+
2004-10-06 Tom Yu <tlyu@mit.edu>
* Makefile.in (INSTALLMKDIRS): Add EXAMPLEDIR.
install-headers-mkdirs:
$(srcdir)/config/mkinstalldirs $(DESTDIR)$(KRB5_INCDIR)
$(srcdir)/config/mkinstalldirs $(DESTDIR)$(KRB5_INCDIR)/gssapi
+ $(srcdir)/config/mkinstalldirs $(DESTDIR)$(KRB5_INCDIR)/gssrpc
$(srcdir)/config/mkinstalldirs $(DESTDIR)$(KRB5_INCDIR)/kerberosIV
install-headers-prerecurse: install-headers-mkdirs
clients\Makefile clients\kdestroy\Makefile \
clients\kinit\Makefile clients\klist\Makefile \
clients\kpasswd\Makefile clients\kvno\Makefile \
+ clients\kcpytkt\Makefile clients\kdeltkt\Makefile \
include\Makefile include\krb5\Makefile \
krb524\Makefile \
lib\Makefile lib\crypto\Makefile \
##DOS## $(WCONFIG) config < $@.in > $@
##DOS##clients\kvno\Makefile: clients\kvno\Makefile.in $(MKFDEP)
##DOS## $(WCONFIG) config < $@.in > $@
+##DOS##clients\kcpytkt\Makefile: clients\kcpytkt\Makefile.in $(MKFDEP)
+##DOS## $(WCONFIG) config < $@.in > $@
+##DOS##clients\kdeltkt\Makefile: clients\kdeltkt\Makefile.in $(MKFDEP)
+##DOS## $(WCONFIG) config < $@.in > $@
##DOS##include\Makefile: include\Makefile.in $(MKFDEP)
##DOS## $(WCONFIG) config < $@.in > $@
##DOS##include\krb5\Makefile: include\krb5\Makefile.in $(MKFDEP)
ZIP=zip
FILES= ./* \
clients/* clients/kdestroy/* clients/kinit/* clients/klist/* \
- clients/kpasswd/* \
+ clients/kpasswd/* clients/kcpytkt/* clients/kdeltkt/* \
config/* include/* include/kerberosIV/* \
include/krb5/* include/krb5/stock/* include/sys/* krb524/* lib/* \
lib/crypto/* lib/crypto/crc32/* lib/crypto/des/* lib/crypto/dk/* \
$(CP) windows\gss\$(OUTPRE)gss.exe "$(KRB_INSTALL_DIR)\bin\."
$(CP) appl\gss-sample\$(OUTPRE)gss-server.exe "$(KRB_INSTALL_DIR)\bin\."
$(CP) appl\gss-sample\$(OUTPRE)gss-client.exe "$(KRB_INSTALL_DIR)\bin\."
+ $(CP) windows\ms2mit\$(OUTPRE)ms2mit.exe "$(KRB_INSTALL_DIR)\bin\."
$(CP) appl\gssftp\ftp\$(OUTPRE)ftp.exe "$(KRB_INSTALL_DIR)\bin\."
$(CP) clients\kvno\$(OUTPRE)kvno.exe "$(KRB_INSTALL_DIR)\bin\."
$(CP) clients\klist\$(OUTPRE)klist.exe "$(KRB_INSTALL_DIR)\bin\."
$(CP) clients\kinit\$(OUTPRE)kinit.exe "$(KRB_INSTALL_DIR)\bin\."
$(CP) clients\kdestroy\$(OUTPRE)kdestroy.exe "$(KRB_INSTALL_DIR)\bin\."
+ $(CP) clients\kcpytkt\$(OUTPRE)kcpytkt.exe "$(KRB_INSTALL_DIR)\bin\."
+ $(CP) clients\kdeltkt\$(OUTPRE)kdeltkt.exe "$(KRB_INSTALL_DIR)\bin\."
$(CP) clients\kpasswd\$(OUTPRE)kpasswd.exe "$(KRB_INSTALL_DIR)\bin\."
@if exist "$(KRB_INSTALL_DIR)\bin\krb4_32.dll" del "$(KRB_INSTALL_DIR)\bin\krb4_32.dll"
@if exist "$(KRB_INSTALL_DIR)\lib\krb4_32.lib" del "$(KRB_INSTALL_DIR)\lib\krb4_32.lib"
# This may get us a gethostby* that doesn't respect nsswitch.
AC_CHECK_LIB(resolv, main)
_KRB5_AC_CHECK_RES_FUNCS(res_nsearch res_search ns_initparse dnl
-ns_name_uncompress dn_skipname)
+ns_name_uncompress dn_skipname res_ndestroy)
if test $krb5_cv_func_res_nsearch = no \
&& test $krb5_cv_func_res_search = no; then
# Attempt to link with res_search(), in case it's not prototyped.
dnl
dnl
AC_DEFUN([KRB5_AC_PRIOCNTL_HACK],
+[AC_REQUIRE([AC_PROG_AWK])dnl
+AC_REQUIRE([AC_LANG_COMPILER_REQUIRE])dnl
+AC_CACHE_CHECK([whether to use priocntl hack], [krb5_cv_priocntl_hack],
[case $krb5_cv_host in
*-*-solaris2.9*)
- PRIOCNTL_HACK=1
+ if test "$cross_compiling" = yes; then
+ krb5_cv_priocntl_hack=yes
+ else
+ # Solaris patch 117171-11 (sparc) or 117172-11 (x86)
+ # fixes the Solaris 9 bug where final pty output
+ # gets lost on close.
+ if showrev -p | $AWK 'BEGIN { e = 1 }
+/Patch: 11717[[12]]/ { x = index[]([$]2, "-");
+if (substr[]([$]2, x + 1, length([$]2) - x) >= 11)
+{ e = 0 } else { e = 1 } }
+END { exit e; }'; then
+ krb5_cv_priocntl_hack=no
+ else
+ krb5_cv_priocntl_hack=yes
+ fi
+ fi
;;
*)
- PRIOCNTL_HACK=0
+ krb5_cv_priocntl_hack=no
;;
-esac
+esac])
+if test "$krb5_cv_priocntl_hack" = yes; then
+ PRIOCNTL_HACK=1
+else
+ PRIOCNTL_HACK=0
+fi
AC_SUBST(PRIOCNTL_HACK)])
dnl
dnl
+2004-11-26 Sam Hartman <hartmans@mit.edu>
+
+ * ftpcmd.y: nbby should be 8 for anything platform we care about.
+ The previous test broke on Debian BSD, so the test has been
+ removed.
+
+2004-11-03 Tom Yu <tlyu@mit.edu>
+
+ * ftpcmd.y (getline): Merge Athena change to reject MICed
+ password.
+
+ * ftpd.M: Document '-E'.
+
+ * ftpd.c (main): Merge Athena's '-E' changes to prohibit
+ unencrypted passwords.
+
2004-09-22 Tom Yu <tlyu@mit.edu>
* Makefile.in (ftpd): Use UTIL_LIB.
$(KRB_ERR_H_DEP) $(COM_ERR_DEPS) $(BUILDTOP)/include/profile.h \
$(srcdir)/../arpa/ftp.h
$(OUTPRE)getdtablesize.$(OBJEXT): $(srcdir)/../../bsd/getdtablesize.c
+$(OUTPRE)setenv.$(OBJEXT): $(srcdir)/../../bsd/setenv.c
#endif
#ifndef NBBY
-#ifdef linux
#define NBBY 8
#endif
-#ifdef __pyrsoft
-#ifdef MIPSEB
-#define NBBY 8
-#endif
-#endif
-#endif
static struct sockaddr_in host_port;
extern int timeout;
extern int maxtimeout;
extern int pdata;
+extern int authlevel;
extern char hostname[], remotehost[];
extern char proctitle[];
extern char *globerr;
}
#endif /* GSSAPI */
/* Other auth types go here ... */
+
+ /* A password should never be MICed, but the CNS ftp
+ * client and the pre-6/98 Krb5 client did this if you
+ * authenticated but didn't encrypt.
+ */
+ if (authlevel && mic && !strncmp(s, "PASS", 4)) {
+ lreply(530, "There is a problem with your ftp client. Password refused.");
+ reply(530, "Enable encryption before logging in, or update your ftp program.");
+ *s = 0;
+ return s;
+ }
+
}
#if defined KRB5_KRB4_COMPAT || defined GSSAPI /* or other auth types */
else { /* !auth_type */
ftpd \- DARPA Internet File Transfer Protocol server
.SH SYNOPSIS
.B ftpd
-[\fB\-A \fP|\fB -a\fP] [\fB\-C\fP] [\fB\-c\fP] [\fB\-d\fP] [\fB\-l\fP]
-[\fB\-v\fP] [\fB\-T\fP \fImaxtimeout\fP] [\fB\-t\fP \fItimeout\fP]
+[\fB\-A \fP|\fB -a\fP] [\fB\-C\fP] [\fB\-c\fP] [\fB\-d\fP] [\fB-E\fP]
+[\fB\-l\fP] [\fB\-v\fP] [\fB\-T\fP \fImaxtimeout\fP] [\fB\-t\fP \fItimeout\fP]
[\fB\-p\fP \fIport\fP] [\fB\-U\fP \fIftpusers-file\fP] [\fB\-u\fP \fIumask\fP]
[\fB\-r\fP \fIrealm-file\fP] [\fB\-s\fP \fIsrvtab\fP]
[\fB\-w\fP{\fBip\fP|\fImaxhostlen\fP[\fB,\fP{\fBstriplocal\fP|\fBnostriplocal\fP}]}]
.B \-d
Debugging information is written to the syslog. (Identical to -v)
.TP
+.B \-E
+Don't allow passwords to be typed across unencrypted connections.
+.TP
.B \-l
Each
.IR ftp (1)
extern char *optarg;
extern int optopt;
#ifdef KRB5_KRB4_COMPAT
- char *option_string = "AaCcdlp:r:s:T:t:U:u:vw:";
+ char *option_string = "AaCcdElp:r:s:T:t:U:u:vw:";
#else /* !KRB5_KRB4_COMPAT */
- char *option_string = "AaCcdlp:r:T:t:U:u:vw:";
+ char *option_string = "AaCcdElp:r:T:t:U:u:vw:";
#endif /* KRB5_KRB4_COMPAT */
ftpusers = _PATH_FTPUSERS_DEFAULT;
debug = 1;
break;
+ case 'E':
+ if (!authlevel)
+ authlevel = AUTHLEVEL_AUTHENTICATE;
+ break;
+
case 'l':
logging ++;
break;
+2004-12-20 Tom Yu <tlyu@mit.edu>
+
+ * kerberos.c (kerberos4_status): Null-terminate the correct
+ string. Reported by Marcin Garski.
+
+2004-11-15 Tom Yu <tlyu@mit.edu>
+
+ * auth-proto.h, auth.c: Merge Athena changes for requiring
+ encrypted connections.
+
2004-06-04 Ken Raeburn <raeburn@mit.edu>
* Makefile.in (LIBBASE): Renamed from LIB.
void auth_is (unsigned char *, int);
void auth_reply (unsigned char *, int);
void auth_finished (Authenticator *, int);
-int auth_wait (char *);
+void auth_wait (char *);
+int auth_check (char *);
int auth_must_encrypt (void);
void auth_disable_name (char *);
void auth_gen_printsub (unsigned char *, int, unsigned char *, unsigned int);
int auth_debug_mode = 0;
int auth_has_failed = 0;
int auth_enable_encrypt = 0;
+int auth_client_non_unix = 0;
static char *Name = "Noname";
static int Server = 0;
static Authenticator *authenticated = 0;
authenticating = 1;
while (ap->type) {
if (i_support & ~i_wont_support & typemask(ap->type)) {
- if (auth_debug_mode) {
- printf(">>>%s: Sending type %d %d\r\n",
- Name, ap->type, ap->way);
+ if (ap->type == AUTHTYPE_KERBEROS_V4 ||
+ !auth_client_non_unix) {
+ if (auth_debug_mode) {
+ printf(">>>%s: Sending type %d %d\r\n",
+ Name, ap->type, ap->way);
+ }
+ *e++ = ap->type;
+ *e++ = ap->way;
}
- *e++ = ap->type;
- *e++ = ap->way;
}
++ap;
}
+ if (auth_client_non_unix) {
+ ap = authenticators;
+ while (ap->type) {
+ if (i_support & ~i_wont_support & typemask(ap->type)) {
+ *e++ = ap->type;
+ *e++ = ap->way;
+ }
+ ++ap;
+ }
+ }
*e++ = IAC;
*e++ = SE;
net_write(str_request, e - str_request);
auth_finished(0, AUTH_REJECT);
}
- int
+ void
auth_wait(name)
char *name;
{
printf(">>>%s: in auth_wait.\r\n", Name);
if (Server && !authenticating)
- return(0);
+ return;
(void) signal(SIGALRM, auth_intr);
alarm(30);
break;
alarm(0);
(void) signal(SIGALRM, SIG_DFL);
+}
+ int
+auth_check(name)
+ char *name;
+{
/*
* Now check to see if the user is valid or not
*/
if (UserNameRequested) {
/* the name buffer comes from telnetd/telnetd{-ktd}.c */
strncpy(kname, UserNameRequested, 255);
- name[255] = '\0';
+ kname[255] = '\0';
}
if (UserNameRequested && !kuserok(&adat, UserNameRequested)) {
+2004-11-15 Tom Yu <tlyu@mit.edu>
+
+ * ext.h: New variable "must_encrypt".
+
+ * telnetd.8: Update for changed command-line options.
+
+ * telnetd.c (getterminaltype): Merge Athena changes to require
+ encrypted connections.
+
+ * utility.c (ttsuck): Merge Athena changes to work around some
+ client timing bugs.
+
2004-09-22 Tom Yu <tlyu@mit.edu>
* Makefile.in (telnetd): Use UTIL_LIB.
extern int pty, net;
extern int SYNCHing; /* we are in TELNET SYNCH mode */
+#ifdef ENCRYPTION
+extern int must_encrypt;
+#endif
+
extern void
_termstat (void),
add_slc (int, int, int),
.SH SYNOPSIS
.B /usr/libexec/telnetd
[\fB\-a\fP \fIauthmode\fP] [\fB\-B\fP] [\fB\-D\fP] [\fIdebugmode\fP]
-[\fB\-edebug\fP] [\fB\-h\fP] [\fB\-I\fP\fIinitid\fP] [\fB\-l\fP]
+[\fB\-e\fP] [\fB\-h\fP] [\fB\-I\fP\fIinitid\fP] [\fB\-l\fP]
[\fB\-k\fP] [\fB\-n\fP] [\fB\-r\fP\fIlowpty-highpty\fP] [\fB\-s\fP]
[\fB\-S\fP \fItos\fP] [\fB\-U\fP] [\fB\-X\fP \fIauthtype\fP]
[\fB\-w\fP [\fBip\fP|\fImaxhostlen\fP[\fB,\fP[\fBno\fP]\fBstriplocal\fP]]]
.B ptydata
Displays data written to the pty.
.TP
+.B encrypt
+Enables encryption debugging code.
+.TP
.B exercise
Has not been implemented yet.
.RE
in
.IR socket (2)).
.TP
-.B \-edebug
-If
+.B \-e
+This option causes
.B telnetd
-has been compiled with support for data encryption, then the
-.B edebug
-option may be used to enable encryption debugging code.
+to refuse unencrypted connections.
.TP
.B \-h
Disables the printing of host-specific information before login has been
'D', ':',
#endif
#ifdef ENCRYPTION
- 'e', ':',
+ 'e',
#endif
#if defined(CRAY) && defined(NEWINIT)
'I', ':',
diagnostic |= TD_PTYDATA;
} else if (!strcmp(optarg, "options")) {
diagnostic |= TD_OPTIONS;
+ } else if (!strcmp(optarg, "encrypt")) {
+ extern int encrypt_debug_mode;
+ encrypt_debug_mode = 1;
} else {
usage();
/* NOT REACHED */
#ifdef ENCRYPTION
case 'e':
- if (strcmp(optarg, "debug") == 0) {
- extern int encrypt_debug_mode;
- encrypt_debug_mode = 1;
- break;
- }
- usage();
- /* NOTREACHED */
+ must_encrypt = 1;
break;
#endif /* ENCRYPTION */
static void encrypt_failure()
{
- char *lerror_message =
- "Encryption was not successfully negotiated. Goodbye.\r\n\r\n";
+ char *lerror_message;
+
+ if (auth_must_encrypt())
+ lerror_message = "Encryption was not successfully negotiated. Goodbye.\r\n\r\n";
+ else
+ lerror_message = "Unencrypted connection refused. Goodbye.\r\n\r\n";
netputs(lerror_message);
netflush();
settimer(baseline);
#if defined(AUTHENTICATION)
+ ttsuck();
/*
* Handle the Authentication option before we do anything else.
*/
while (his_will_wont_is_changing(TELOPT_AUTHENTICATION))
ttloop();
if (his_state_is_will(TELOPT_AUTHENTICATION)) {
- retval = auth_wait(name);
+ auth_wait(name);
}
#endif
if (his_state_is_will(TELOPT_ENCRYPT)) {
encrypt_wait();
}
- if (auth_must_encrypt()) {
+ if (must_encrypt || auth_must_encrypt()) {
time_t timeout = time(0) + 60;
if (my_state_is_dont(TELOPT_ENCRYPT) ||
- my_state_is_wont(TELOPT_ENCRYPT))
+ my_state_is_wont(TELOPT_ENCRYPT) ||
+ his_state_is_wont(TELOPT_AUTHENTICATION))
encrypt_failure();
- if (!EncryptStartInput() || !EncryptStartOutput())
- encrypt_failure();
+ while (!EncryptStartInput()) {
+ if (time (0) > timeout)
+ encrypt_failure();
+ ttloop();
+ }
+
+ while (!EncryptStartOutput()) {
+ if (time (0) > timeout)
+ encrypt_failure();
+ ttloop();
+ }
while (!encrypt_is_encrypting()) {
if (time(0) > timeout)
}
}
}
- return(retval);
+#ifdef AUTHENTICATION
+ return(auth_check(name));
+#else
+ return(-1);
+#endif
} /* end of getterminaltype */
static void
}
} /* end of ttloop */
+/*
+ * ttsuck - This is a horrible kludge to deal with a bug in
+ * HostExplorer. HostExplorer thinks it knows how to do krb5 auth, but
+ * it doesn't really. So if you offer it krb5 as an auth choice before
+ * krb4, it will sabotage the connection. So we peek ahead into the
+ * input stream to see if the client is a UNIX client, and then
+ * (later) offer krb5 first only if it is. Since no Mac/PC telnet
+ * clients do auto switching between krb4 and krb5 like the UNIX
+ * client does, it doesn't matter what order they see the choices in
+ * (except for HostExplorer).
+ *
+ * It is actually not possible to do this without looking ahead into
+ * the input stream: the client and server both try to begin
+ * auth/encryption negotiation as soon as possible, so if we let the
+ * server process things normally, it will already have sent the list
+ * of supported auth types before seeing the NEW-ENVIRON option. If
+ * you change the code to hold off sending the list of supported auth
+ * types until after it knows whether or not the remote side supports
+ * NEW-ENVIRON, then the auth negotiation and encryption negotiation
+ * race conditions won't interact properly, and encryption negotiation
+ * will reliably fail.
+ */
+
+ void
+ttsuck()
+{
+ extern int auth_client_non_unix;
+ int nread;
+ struct timeval tv;
+ fd_set fds;
+ char *p, match[] = {IAC, WILL, TELOPT_NEW_ENVIRON};
+
+ if (nfrontp-nbackp) {
+ netflush();
+ }
+ tv.tv_sec = 1;
+ tv.tv_usec = 0;
+ FD_SET(net, &fds);
+
+ while (select(net + 1, &fds, NULL, NULL, &tv) == 1)
+ {
+ nread = read(net, netibuf + ncc, sizeof(netibuf) - ncc);
+ if (nread <= 0)
+ break;
+ ncc += nread;
+ }
+
+ auth_client_non_unix = 1;
+ for (p = netibuf; p < netibuf + ncc; p++)
+ {
+ if (!memcmp(p, match, sizeof(match)))
+ {
+ auth_client_non_unix = 0;
+ break;
+ }
+ }
+
+ if (ncc > 0)
+ telrcv();
+}
+
/*
* Check a descriptor to see if out of band data exists on it.
*/
+2004-12-15 Jeffrey Altman <jaltman@mit.edu>
+
+ * Makefile.in: output status info for kcpytkt, kdeltkt
+
2004-08-20 Jeffrey Altman <jaltman@mit.edu>
* Add kcpytkt and kdeltkt directories
@echo Making all in clients\kvno
cd ..\kvno
$(MAKE) -$(MFLAGS)
+ @echo Making all in clients\kcpytkt
cd ..\kcpytkt
$(MAKE) -$(MFLAGS)
+ @echo Making all in clients\kdeltkt
cd ..\kdeltkt
$(MAKE) -$(MFLAGS)
cd ..
@echo Making clean in clients\kvno
cd ..\kvno
$(MAKE) -$(MFLAGS) clean
+ @echo Making clean in clients\kcpytkt
cd ..\kcpytkt
$(MAKE) -$(MFLAGS) clean
+ @echo Making clean in clients\kdeltkt
cd ..\kdeltkt
$(MAKE) -$(MFLAGS) clean
cd ..
+2004-12-15 Jeffrey Altman <jaltman@mit.edu>
+
+ * Makefile.in: correct the makefile to build kdeltkt, not kvno
+
2004-08-19 Jeffrey Altman <jaltman@mit.edu>
* kdeltkt.c, kdeltkt.M: Create a new application.
thisconfigdir=./..
-myfulldir=clients/kvno
+myfulldir=clients/kdeltkt
mydir=kvno
BUILDTOP=$(REL)..$(S)..
PROG_LIBPATH=-L$(TOPLIBD)
PROG_RPATH=$(KRB5_LIBDIR)
-all-unix:: kvno
-all-windows:: $(OUTPRE)kvno.exe
+all-unix:: kdeltkt
+all-windows:: $(OUTPRE)kdeltkt.exe
all-mac::
-kvno: kvno.o $(KRB4COMPAT_DEPLIBS)
- $(CC_LINK) -o $@ kvno.o $(KRB4COMPAT_LIBS)
+kdeltkt: kdeltkt.o $(KRB4COMPAT_DEPLIBS)
+ $(CC_LINK) -o $@ kdeltkt.o $(KRB4COMPAT_LIBS)
-$(OUTPRE)kvno.exe: $(OUTPRE)kvno.obj $(BUILDTOP)\util\windows\$(OUTPRE)getopt.obj $(KLIB) $(CLIB)
+$(OUTPRE)kdeltkt.exe: $(OUTPRE)kdeltkt.obj $(BUILDTOP)\util\windows\$(OUTPRE)getopt.obj $(KLIB) $(CLIB)
link $(EXE_LINKOPTS) /out:$@ $**
clean-unix::
- $(RM) kvno.o kvno
+ $(RM) kdeltkt.o kdeltkt
install-unix::
- for f in kvno; do \
+ for f in kdeltkt; do \
$(INSTALL_PROGRAM) $$f \
$(DESTDIR)$(CLIENT_BINDIR)/`echo $$f|sed '$(transform)'`; \
$(INSTALL_DATA) $(srcdir)/$$f.M \
+2004-12-17 Jeffrey Altman <jaltman@mit.edu>
+
+ * win-pre.in: add -debug switch to LOPTS if DEBUG_SYMBOLS
+
+2004-12-17 Ken Raeburn <raeburn@mit.edu>
+
+ * shlib.conf (*-*-netbsd*): Use -fPIC instead of -fpic, which
+ won't work on sparc64 at least.
+
+2004-12-15 Jeffrey Altman <jaltman@mit.edu>
+
+ * win-pre.in; optionally build debug symbols for release builds
+ and rename krb5support_32.dll to k5sprt32.dll
+
+2004-11-19 Tom Yu <tlyu@mit.edu>
+
+ * pre.in (KRB5_INCSUBDIRS): Add KRB5_INCDIR/gssrpc.
+
2004-10-06 Tom Yu <tlyu@mit.edu>
* pre.in (datadir, EXAMPLEDIR): Add directory for examples.
KRB5_INCDIR = @includedir@
KRB5_INCSUBDIRS = \
$(KRB5_INCDIR)/gssapi \
- $(KRB5_INCDIR)/kerberosIV
+ $(KRB5_INCDIR)/kerberosIV \
+ $(KRB5_INCDIR)/gssrpc
#
# Macros used by the KADM5 (OV-based) unit test system.
;;
*-*-netbsd*)
- PICFLAGS=-fpic
+ PICFLAGS=-fPIC
SHLIBVEXT='.so.$(LIBMAJOR).$(LIBMINOR)'
SHLIBEXT=.so
LDCOMBINE='ld -Bshareable'
# CCOPTS2 was for non-DLL compiles (EXEs, for example)
#
!ifdef NODEBUG
+!ifdef DEBUG_SYMBOL
+CCOPTS=/ZI $(CCOPTS)
+LOPTS=$(LOPTS) -debug
+!endif
CCOPTS=/Os /MD $(CCOPTS)
LOPTS=$(LOPTS)
!else
PLIB=$(BUILDTOP)\lib\$(OUTPRE)xpprof32.lib
KLIB=$(BUILDTOP)\lib\$(OUTPRE)krb5_32.lib
K4LIB=$(BUILDTOP)\lib\$(OUTPRE)krb4_32.lib
-SLIB=$(BUILDTOP)\lib\$(OUTPRE)krb5support_32.lib
+SLIB=$(BUILDTOP)\lib\$(OUTPRE)k5sprt32.lib
GLIB=$(BUILDTOP)\lib\$(OUTPRE)gssapi32.lib
WLIB=
+2005-01-14 Ken Raeburn <raeburn@mit.edu>
+
+ * k5-thread.h [HAVE_PTHREAD && HAVE_PRAGMA_WEAK_REF]: Mark
+ pthread_self and pthread_equal as weak references.
+
+2005-01-13 Ken Raeburn <raeburn@mit.edu>
+
+ * k5-thread.h (k5_os_mutex) [pthread case]: Add new field "owner"
+ if DEBUG_THREADS.
+ (k5_pthread_mutex_lock, k5_pthread_mutex_unlock,
+ k5_pthread_assert_locked): New macros/functions; if DEBUG_THREADS,
+ and thread support loaded, set or check the owner field.
+ (K5_OS_MUTEX_PARTIAL_INITIALIZER) [pthread case && DEBUG_THREADS]:
+ Set the owner field. If PTHREAD_ERRORCHECK_MUTEX_INITIALIZER_NP
+ is defined, use it.
+ (k5_os_mutex_lock, k5_os_mutex_unlock, k5_os_mutex_assert_locked)
+ [pthread case]: Use k5_pthread_ versions.
+ (k5_mutex_destroy): Update the location data with the mutex
+ locked, before destroying it.
+ (k5_mutex_unlock): Update the location data while the mutex is
+ still locked, and check the assertion that the mutex really is
+ locked. Convert inline function to macro.
+
+ * k5-thread.h (krb5int_mutex_lock_update_stats,
+ krb5int_mutex_unlock_update_stats, krb5int_mutex_report_stats)
+ [!DEBUG_THREADS_STATS]: Declare KRB5_CALLCONV.
+
+2005-01-04 Jeffrey Altman <jaltman@mit.edu>
+
+ * krb5.hin: add prototype for krb5_is_thread_safe
+
+2004-12-21 Tom Yu <tlyu@mit.edu>
+
+ * krb5.hin: Flag krb5_principal2salt as KRB5_CALLCONV_WRONG.
+
+2004-12-08 Ken Raeburn <raeburn@mit.edu>
+
+ * k5-int.h (KRB5INT_ACCESS_STRUCT_VERSION): Bump to 9.
+ (struct _krb5int_access): Add function pointer field use_dns_kdc.
+
+2004-10-29 Ken Raeburn <raeburn@mit.edu>
+
+ * fake-addrinfo.h: Include errno.h earlier.
+
2004-10-28 Ken Raeburn <raeburn@mit.edu>
* k5-thread.h (return_after_yield, k5_mutex_lock) [__GNUC__]: Add
#include "k5-thread.h"
#include <stdio.h> /* for sprintf */
+#include <errno.h>
#ifdef S_SPLINT_S
/*@-incondefs@*/
}
#ifdef NEED_FAKE_GETNAMEINFO
-#include <errno.h>
static inline int
fake_getnameinfo (const struct sockaddr *sa, socklen_t len,
char *host, socklen_t hostlen,
}
#endif
-#include <errno.h>
#if defined(HAVE_FAKE_GETADDRINFO) || defined(NEED_FAKE_GETNAMEINFO)
static inline
/* To keep happy libraries which are (for now) accessing internal stuff */
/* Make sure to increment by one when changing the struct */
-#define KRB5INT_ACCESS_STRUCT_VERSION 8
+#define KRB5INT_ACCESS_STRUCT_VERSION 9
#ifndef ANAME_SZ
struct ktext; /* from krb.h, for krb524 support */
const char *protocol,
struct srv_dns_entry **answers);
void (*free_srv_dns_data)(struct srv_dns_entry *);
+ int (*use_dns_kdc)(krb5_context);
/* krb4 compatibility stuff -- may be null if not enabled */
krb5_int32 (*krb_life_to_time)(krb5_int32, int);
# pragma weak pthread_mutex_unlock
# pragma weak pthread_mutex_destroy
# pragma weak pthread_mutex_init
+# pragma weak pthread_self
+# pragma weak pthread_equal
# ifdef HAVE_PTHREAD_MUTEXATTR_SETROBUST_NP_IN_THREAD_LIB
# pragma weak pthread_mutexattr_setrobust_np
# endif
typedef struct {
pthread_mutex_t p;
+#ifdef DEBUG_THREADS
+ pthread_t owner;
+#endif
#ifdef USE_PTHREAD_LOCK_ONLY_IF_LOADED
k5_os_nothread_mutex n;
#endif
} k5_os_mutex;
+#ifdef DEBUG_THREADS
+# ifdef __GNUC__
+# define k5_pthread_mutex_lock(M) \
+ ({ \
+ k5_os_mutex *_m2 = (M); \
+ int _r2 = pthread_mutex_lock(&_m2->p); \
+ if (_r2 == 0) _m2->owner = pthread_self(); \
+ _r2; \
+ })
+# else
+static inline int
+k5_pthread_mutex_lock(k5_os_mutex *m)
+{
+ int r = pthread_mutex_lock(&m->p);
+ if (r)
+ return r;
+ m->owner = pthread_self();
+ return 0;
+}
+# endif
+# define k5_pthread_assert_locked(M) \
+ (K5_PTHREADS_LOADED \
+ ? assert(pthread_equal((M)->owner, pthread_self())) \
+ : (void)0)
+# define k5_pthread_mutex_unlock(M) \
+ (k5_pthread_assert_locked(M), \
+ (M)->owner = (pthread_t) 0, \
+ pthread_mutex_unlock(&(M)->p))
+#else
+# define k5_pthread_mutex_lock(M) pthread_mutex_lock(&(M)->p)
+static inline void k5_pthread_assert_locked(pthread_mutex_t *m) { }
+# define k5_pthread_mutex_unlock(M) pthread_mutex_unlock(&(M)->p)
+#endif
+
/* Define as functions to:
(1) eliminate "statement with no effect" warnings for "0"
(2) encourage type-checking in calling code */
static inline void k5_pthread_assert_unlocked(pthread_mutex_t *m) { }
-static inline void k5_pthread_assert_locked(pthread_mutex_t *m) { }
#if defined(DEBUG_THREADS_SLOW) && HAVE_SCHED_H && (HAVE_SCHED_YIELD || HAVE_PRAGMA_WEAK_REF)
# include <sched.h>
#ifdef USE_PTHREAD_LOCK_ONLY_IF_LOADED
-# define K5_OS_MUTEX_PARTIAL_INITIALIZER \
+# if defined(PTHREAD_ERRORCHECK_MUTEX_INITIALIZER_NP) && defined(DEBUG_THREADS)
+# define K5_OS_MUTEX_PARTIAL_INITIALIZER \
+ { PTHREAD_ERRORCHECK_MUTEX_INITIALIZER_NP, (pthread_t) 0, \
+ K5_OS_NOTHREAD_MUTEX_PARTIAL_INITIALIZER }
+# elif defined(DEBUG_THREADS)
+# define K5_OS_MUTEX_PARTIAL_INITIALIZER \
+ { PTHREAD_MUTEX_INITIALIZER, (pthread_t) 0, \
+ K5_OS_NOTHREAD_MUTEX_PARTIAL_INITIALIZER }
+# else
+# define K5_OS_MUTEX_PARTIAL_INITIALIZER \
{ PTHREAD_MUTEX_INITIALIZER, K5_OS_NOTHREAD_MUTEX_PARTIAL_INITIALIZER }
+# endif
# define k5_os_mutex_finish_init(M) \
k5_os_nothread_mutex_finish_init(&(M)->n)
# define k5_os_mutex_lock(M) \
return_after_yield(K5_PTHREADS_LOADED \
- ? pthread_mutex_lock(&(M)->p) \
+ ? k5_pthread_mutex_lock(&(M)->p) \
: k5_os_nothread_mutex_lock(&(M)->n))
# define k5_os_mutex_unlock(M) \
(MAYBE_SCHED_YIELD(), \
(K5_PTHREADS_LOADED \
- ? pthread_mutex_unlock(&(M)->p) \
+ ? k5_pthread_mutex_unlock(M) \
: k5_os_nothread_mutex_unlock(&(M)->n)))
# define k5_os_mutex_assert_unlocked(M) \
: k5_os_nothread_mutex_assert_unlocked(&(M)->n))
# define k5_os_mutex_assert_locked(M) \
(K5_PTHREADS_LOADED \
- ? k5_pthread_assert_locked(&(M)->p) \
+ ? k5_pthread_assert_locked(M) \
: k5_os_nothread_mutex_assert_locked(&(M)->n))
#else
-# define K5_OS_MUTEX_PARTIAL_INITIALIZER \
+# ifdef DEBUG_THREADS
+# ifdef PTHREAD_ERRORCHECK_MUTEX_INITIALIZER_NP
+# define K5_OS_MUTEX_PARTIAL_INITIALIZER \
+ { PTHREAD_ERRORCHECK_MUTEX_INITIALIZER_NP, (pthread_t) 0 }
+# else
+# define K5_OS_MUTEX_PARTIAL_INITIALIZER \
+ { PTHREAD_MUTEX_INITIALIZER, (pthread_t) 0 }
+# endif
+# else
+# define K5_OS_MUTEX_PARTIAL_INITIALIZER \
{ PTHREAD_MUTEX_INITIALIZER }
+# endif
static inline int k5_os_mutex_finish_init(k5_os_mutex *m) { return 0; }
# define k5_os_mutex_init(M) pthread_mutex_init(&(M)->p, 0)
# define k5_os_mutex_destroy(M) pthread_mutex_destroy(&(M)->p)
-# define k5_os_mutex_lock(M) return_after_yield(pthread_mutex_lock(&(M)->p))
-# define k5_os_mutex_unlock(M) (MAYBE_SCHED_YIELD(),pthread_mutex_unlock(&(M)->p))
+# define k5_os_mutex_lock(M) return_after_yield(k5_pthread_mutex_lock(M))
+# define k5_os_mutex_unlock(M) (MAYBE_SCHED_YIELD(),k5_pthread_mutex_unlock(M))
# define k5_os_mutex_assert_unlocked(M) k5_pthread_assert_unlocked(&(M)->p)
-# define k5_os_mutex_assert_locked(M) k5_pthread_assert_locked(&(M)->p)
+# define k5_os_mutex_assert_locked(M) k5_pthread_assert_locked(M)
#endif /* is pthreads always available? */
#define k5_mutex_finish_init(M) k5_mutex_finish_init_1((M), K5_DEBUG_LOC)
#define k5_mutex_destroy(M) \
(k5_os_mutex_assert_unlocked(&(M)->os), \
- (M)->loc_last = K5_DEBUG_LOC, \
+ k5_mutex_lock(M), (M)->loc_last = K5_DEBUG_LOC, k5_mutex_unlock(M), \
k5_os_mutex_destroy(&(M)->os))
#ifdef __GNUC__
#define k5_mutex_lock(M) \
}
#define k5_mutex_lock(M) k5_mutex_lock_1(M, K5_DEBUG_LOC)
#endif
-static inline int k5_mutex_unlock_1(k5_mutex_t *m, k5_debug_loc l)
-{
- int err = 0;
- err = k5_os_mutex_unlock(&m->os);
- if (err)
- return err;
- m->loc_last = l;
- return err;
-}
-#define k5_mutex_unlock(M) k5_mutex_unlock_1(M, K5_DEBUG_LOC)
+#define k5_mutex_unlock(M) \
+ (k5_mutex_assert_locked(M), \
+ (M)->loc_last = K5_DEBUG_LOC, \
+ k5_os_mutex_unlock(&(M)->os))
#define k5_mutex_assert_locked(M) k5_os_mutex_assert_locked(&(M)->os)
#define k5_mutex_assert_unlocked(M) k5_os_mutex_assert_unlocked(&(M)->os)
(krb5_context, krb5_enctype);
#endif
+krb5_boolean KRB5_CALLCONV krb5_is_thread_safe(void);
+
/* libkrb.spec */
#if KRB5_PRIVATE
krb5_error_code krb5_kdc_rep_decrypt_proc
(krb5_context,
krb5_keytab,
krb5_keytab_entry * );
-krb5_error_code krb5_principal2salt
+krb5_error_code KRB5_CALLCONV_WRONG krb5_principal2salt
(krb5_context,
krb5_const_principal, krb5_data *);
#if KRB5_PRIVATE
fi
if test $library = 'krb5'; then
- lib_flags="$lib_flags -lkrb5 -lk5crypto -lcom_err $LIBS $GEN_LIB"
+ lib_flags="$lib_flags -lkrb5 -lk5crypto -lkrb5support -lcom_err $LIBS $GEN_LIB"
fi
echo $lib_flags
-krb5support32.def
+k5sprt32.def
+2005-01-03 Jeffrey Altman <jaltman@mit.edu>
+
+ * krb5_32.def: export krb5_is_thread_safe()
+
+2004-12-18 Jeffrey Altman <jaltman@mit.edu>
+
+ * krb5_32.def: mark krb5_principal2salt as using the wrong
+ calling convention.
+
+2004-12-15 Jeffrey Altman <jaltman@mit.edu>
+
+ *.cvsignore, Makefile.in: rename krb5support32.def to k5sprt32.def
+
2004-09-24 Tom Yu <tlyu@mit.edu>
* Makefile.in (RCFLAGS): Add -I$(SRCTOP) to get patchlevel.h.
##MIT##MITLIBS=$(VS_LIB)
##MIT##MITFLAGS=-I$(VS_INC) /DVERSERV=1
-SLIBS = $(BUILDTOP)\util\support\$(OUTPRE)krb5support_32.lib
+SLIBS = $(BUILDTOP)\util\support\$(OUTPRE)k5sprt32.lib
CLIBS = $(BUILDTOP)\util\et\$(OUTPRE)comerr.lib
PLIBS = $(BUILDTOP)\util\profile\$(OUTPRE)profile.lib
KLIBS = krb5\$(OUTPRE)krb5.lib crypto\$(OUTPRE)crypto.lib \
GLIBS = gssapi\$(OUTPRE)gssapi.lib
K4LIBS = krb4\$(OUTPRE)krb4.lib
-SDEF = krb5support32.def
+SDEF = k5sprt32.def
CDEF = comerr32.def
PDEF = xpprof32.def
KDEF = krb5_32.def
+2005-01-13 Ken Raeburn <raeburn@mit.edu>
+
+ * prng.c (krb5int_prng_init): Incorporate do_yarrow_init body.
+ Don't check inited variable.
+ (inited): Variable deleted.
+ (krb5_c_random_make_octets, krb5int_prng_cleanup): Don't check
+ it.
+ (do_yarrow_init): Deleted.
+
+2005-01-12 Tom Yu <tlyu@mit.edu>
+
+ * prng.c (read_entropy_from_device): Use ssize_t, not size_t, so
+ read() returning -1 doesn't cause trouble.
+
+2004-11-17 Ken Raeburn <raeburn@mit.edu>
+
+ * prng.c (do_yarrow_init): Move mutex initialization here.
+ (krb5int_prng_init): Don't do it here.
+
+2004-11-15 Sam Hartman <hartmans@mit.edu>
+
+ * t_prng.expected t_prng.reseedtest-expected : Update expected
+ PRNG test output and confirm that reseeds and gates happen correctly.
+
+2004-10-29 Ken Raeburn <raeburn@mit.edu>
+
+ * prng.c (yarrow_lock): Rename to krb5int_yarrow_lock via macro,
+ and change to be non-static.
+ (krb5int_prng_init): Call do_yarrow_init here.
+ (krb5_c_random_add_entropy): Don't call it here. Don't lock the
+ mutex, either.
+ (krb5_c_random_make_octets): Don't lock the mutex.
+
2004-06-16 Ken Raeburn <raeburn@mit.edu>
* Makefile.in (MAC_SUBDIRS): Don't set.
#include "yarrow.h"
static Yarrow_CTX y_ctx;
-static int inited, init_error;
-static k5_mutex_t yarrow_lock = K5_MUTEX_PARTIAL_INITIALIZER;
+static int init_error;
+#define yarrow_lock krb5int_yarrow_lock
+k5_mutex_t yarrow_lock = K5_MUTEX_PARTIAL_INITIALIZER;
/* Helper function to estimate entropy based on sample length
* and where it comes from.
}
int krb5int_prng_init(void)
-{
- return k5_mutex_finish_init(&yarrow_lock);
-}
-
-static void do_yarrow_init(void)
{
unsigned i;
int yerr;
+ yerr = k5_mutex_finish_init(&yarrow_lock);
+ if (yerr)
+ return yerr;
+
yerr = krb5int_yarrow_init (&y_ctx, NULL);
- if ((yerr != YARROW_OK) && (yerr != YARROW_NOT_SEEDED)) {
- init_error = yerr;
- return;
- }
+ if ((yerr != YARROW_OK) && (yerr != YARROW_NOT_SEEDED))
+ return KRB5_CRYPTO_INTERNAL;
for (i=0; i < KRB5_C_RANDSOURCE_MAX; i++ ) {
unsigned source_id;
- if (krb5int_yarrow_new_source (&y_ctx, &source_id) != YARROW_OK ) {
- init_error = 17;
- return;
- }
+ if (krb5int_yarrow_new_source (&y_ctx, &source_id) != YARROW_OK )
+ return KRB5_CRYPTO_INTERNAL;
assert (source_id == i);
}
- inited=1;
- init_error = 0;
+
+ return 0;
}
krb5_error_code KRB5_CALLCONV
if (yerr)
return yerr;
/* Now, finally, feed in the data. */
- yerr = k5_mutex_lock(&yarrow_lock);
- if (yerr)
- return yerr;
- if (!inited)
- do_yarrow_init();
- if (init_error) {
- k5_mutex_unlock(&yarrow_lock);
- return KRB5_CRYPTO_INTERNAL;
- }
yerr = krb5int_yarrow_input (&y_ctx, randsource,
data->data, data->length,
entropy_estimate (randsource, data->length));
- k5_mutex_unlock(&yarrow_lock);
if (yerr != YARROW_OK)
- return (KRB5_CRYPTO_INTERNAL);
+ return (KRB5_CRYPTO_INTERNAL);
return (0);
}
krb5_c_random_make_octets(krb5_context context, krb5_data *data)
{
int yerr;
- assert (inited);
- yerr = k5_mutex_lock(&yarrow_lock);
- if (yerr)
- return yerr;
yerr = krb5int_yarrow_output (&y_ctx, data->data, data->length);
if (yerr == YARROW_NOT_SEEDED) {
yerr = krb5int_yarrow_reseed (&y_ctx, YARROW_SLOW_POOL);
if (yerr == YARROW_OK)
yerr = krb5int_yarrow_output (&y_ctx, data->data, data->length);
}
- k5_mutex_unlock(&yarrow_lock);
if ( yerr != YARROW_OK)
return (KRB5_CRYPTO_INTERNAL);
return(0);
void krb5int_prng_cleanup (void)
{
- if (inited)
- krb5int_yarrow_final (&y_ctx);
+ krb5int_yarrow_final (&y_ctx);
k5_mutex_destroy(&yarrow_lock);
- inited = 0;
}
return 0;
}
for (left = sizeof (buf); left > 0;) {
- size_t count;
+ ssize_t count;
count = read (fd, &buf, (unsigned) left);
if (count <= 0) {
close(fd);
-18086b1e91f730facb2d6e1b
-c562653b24814eb3651b1e68301a3c14b96302bb
-6d017f7aef74662ed8dd51eef14281eaad223298db370bfaca
-30c04231cb3de404e4b8a5359a74066fd963291d7986be835834ab07870c097682a953bfff38784780eef844de47fb36c34f8e034c96cfa64d9cb5decee472138236e9fb79e9fe1fba6b7757b970f22477d167832206900473f09f3e8c822db6d9a8273340ed6743d99638d6cf192d821b6f33d23278b1a929f303a80865c426d01add11b2f2416babd13e70b44d8eeb731c09c7163af9d1a23cbe20ddb08b0f67ecaa2eed511263a67e9c12e59ef113f0b9e4e4e140b43896078a7571c61826ba099b3dd8c4b096a9785b4434e97ea99e662ba6fdb60a41547ccae4c67d3e1f3ef515198e91f009c75c9e80fda90d13ee29d8aad5d87cc2437ce60e6ce55700837fb0815bfd2495f8aa1a33fe67c1ae28a885506a78ca6257f5a5f2a8042e28680acc83b1aecb3a9cb51911126f2f0deaf14fcfa5f165e9a5c3f8f2d1c3f4683b2d75927a7bc802d63b680a5e22768cc0439854ccd49e58a002794f541bddd6ef6fbd4f9869843a72d0ae9d438c90353a46c0c9863a16b1de206c717ab7ce6ea6f648a38efa12b70bbe3388b35adec7a789ea98de217520d7d6ce699841e17e5946bf5a8b3c7a2c3e2d6767422baf3159ff08d913ec78011ab7d34bc24af26c24a8d46f7261c7705a7b270e27590c29583c659a0df8dada4e7a0532f115040165d18f74a55a4f39bb1dcfd865e94a488ca910cc447e121b2a19450239e75d24
+d2f8fbd707a8ece5cb11a02f
+eb4cb6e06236ea1c0529f7acbfca8d78cb85bb1d
+a244005ae870604342b0386025874ec4306c1dd483c118621b
+63e6408afdf9fd225839a7afcc6da6ae494fb4f82bd21ea06bb17ca0848bdae8cea671f545aac52699951caba960c536024b4102f47d61d61fd7b17582a4cf50ba7d215062558f71483249e079689893f3bf25def7f45f9e852281269904d401d6719e3115f6410088c6c5171e878494362684d2116633bb9ea8d9ed5faec73cb076c44d5d639bc2c8ae3de54f0e1e092d5ea439e607e9cd73053bbdf40723f5b48f298fdeeef845e22e06f2f6362fc67fba366e638a7988999d456dcc3d53b23388d685620a7c446d28cd94b13049761b64779db5412e78ac4bab2aacf103fd1b9ceb7213d43710d6a46fd4223fa20e0a68d3e16a82cbadea650ba815dc9ee99b4eb8e2acdac866a05d90ab9de3246db0560fb4b36633bb642c3ea9bf358937dda743f9cef1148791c2cac58995b8eb8fdb1c0cce1686e04ebef5ae7aae36691faafbe8920d3c013f125b687eb019faefa70fc750c52e2e2e33f426824bf1da31268a9bb8d9501f2290375755f8bf77b46639346b4011b78ce9d81105c7791ec5991a2f1eab037488b604df1a21c5c4e36a7c76dca5884d36e30fe8d30d0e7d93fab72062219390655eace2b434b0e2cd21ec9c5a8aa13e783afadcdf386fc43b960c518acb38d7e3da2f67695c1c1c25c4f251b40f4c2e42e89f6f642c32e66159f6ce24aa910fb5d95e3a899a4de5efcf570996e1a662d14362b65d00524df79cd56be93bd572526e4dfd1cf9f7586bc021105cf5456b28c1f45a6d354d000a113e15f64aa0b5253830c07afc8fa47b58dbba8bbae1645b2093035f2387036229dec6f7141b444b8bb7d0382a742bd5c746ba2d7af3af1cadb2dd90bda87d5daed2d2eebd243c7b2d06955d0cc7fe1061d4cfa3b061aaeb97084d9f9a7ec9dbe9e642f4f090d57b5ea1bd8b393f00896d3dc7089e1fc4c2fed7336c2a8c6d119a682c6cc4ae1ccedd30292f2c5570bf4d6287ce8e20b8b34e7fc38e87273f588cd33b8c913defaee5f6bf8fdeda72531c845a6f97a84d5e9b9a6497d4c48614dee7693df35faedc008fded852be8d4bffd475476336e54ed48a827b99d3f0e39019a40d43aef5ae522ec6e280f6a8e7d2713f3c3188bed2476a84af5a5afefa0fa178ed07de0e073693e8790f8bbd0cf9183e48f140b556e723565c382cf7a4c186748189a14e603e4ac70e2b80c266334231207721d16d834a973b48cfec584620624686603cfd66d55dbf8dd8eccd99d85f041c624ec3a7bec314af95d2313afd43cc5cc19249cf85b7ab0b5a4530b597341e7477b249fef1a07eb0d8fa790e9bce752e8b2f7086e98ab44751e0a1b37f29682ce67c0de7a2fd036f26ed719fc343bbf49432aec651d884c99c24d5943c747f7ec3b48d4c2236a8cb6151794daeda073774cc88ff121fdd423b81ef2f34c8f281ca2e5366faee87ff7a623484f2937cc0680ed76ead32b43cb6c67a21f8089b435f38a404d267397c6435cfac16591a3573d9e92f8c4a8028719c22662b903ddb16e08ea7bb2d6b8938c06bdddb4d174c7f2c5d812ed3a34ba8859a1ae841b3b9d5522372018c9aa55b048df826f05a087f185808cb66899f320783a1c4aa2dcd5f2665405ba7e5726e122b67559a39da30956e49fe7711d1b2506e159c5ea42ce0a1ad497220ee3b3e5ebcb73db975bd08e8be56e5f4533b8295b10d4b0fef466de6540f8fe10530c9716d83a12f5ffbba5b4dbc50ed89388d04e7a15d3d9d251041ed5303efa2525bc62a5aeb821f7838676811784584534be8a7fc667f09c3fe1bbf7d0aad29324f562086ecb8326829413867
-7a2f63cdd9b0bfae94b75ee554be49ff8e7bc82e
+fd543f42aded9bd725c9b05682cd0f504c1b33d1
de 7c f0 c5 6a 37 0b 34 f4 0c 3a 19 31 eb 66 f1
ae 5f c6 a3 64 3f 2e a9 76 e1 87 93 df b6 94 86
bd 96 57 3f 31 e6 88 8c
-512
+1290
+2005-01-13 Ken Raeburn <raeburn@mit.edu>
+
+ * yarrow.c (yarrow_reseed_locked): Renamed from
+ krb5int_yarrow_reseed and made static.
+ (Yarrow_detect_fork, yarrow_input_maybe_locking,
+ krb5int_yarrow_output_Block): Call it.
+ (krb5int_yarrow_reseed): New function, grabs lock and calls the
+ old version.
+ (krb5int_yarrow_final): Hold the lock until after clearing the
+ Yarrow context data.
+
+2004-11-22 Ken Raeburn <raeburn@mit.edu>
+
+ * yarrow.c (yarrow_input_maybe_locking): Renamed from
+ yarrow_input_maybe_locking, made static. New argument indicates
+ whether or not to do locking.
+ (krb5int_yarrow_input): New wrapper function.
+ (yarrow_input_locked): New wrapper function.
+ (Yarrow_detect_fork): Call yarrow_input_locked.
+
+2004-11-15 Sam Hartman <hartmans@mit.edu>
+
+ * ycipher.h: Use AES256 not 3des
+
+2004-11-01 Ken Raeburn <raeburn@mit.edu>
+
+ * yarrow.c (krb5int_yarrow_input, krb5int_yarrow_final): Don't
+ check for forking here.
+ (yarrow_output_locked): Split out from krb5int_yarrow_output,
+ without locking.
+ (krb5int_yarrow_output): Do locking and call yarrow_output_locked.
+ (yarrow_gate_locked): New function; uses yarrow_output_locked.
+ (krb5int_yarrow_output_Block): Use yarrow_gate_locked.
+
+2004-10-29 Ken Raeburn <raeburn@mit.edu>
+
+ * ylock.h: Include k5-thread.h.
+ (krb5int_yarrow_lock): Declare.
+ (LOCK, UNLOCK): Define as macros using the k5_mutex_ macros.
+
2004-06-04 Ken Raeburn <raeburn@mit.edu>
* yarrow.c (yarrow_str_error): Now const.
}
}
+static int yarrow_reseed_locked( Yarrow_CTX* y, int pool );
+
/* if the program was forked, the child must not operate on the same
PRNG state */
#ifdef YARROW_DETECT_FORK
+static int
+yarrow_input_locked( Yarrow_CTX* y, unsigned source_id,
+ const void *sample,
+ size_t size, size_t entropy_bits );
+
static int Yarrow_detect_fork(Yarrow_CTX *y)
{
pid_t newpid;
* Then we reseed. This doesn't really increase entropy, but does make the
* streams distinct assuming we already have good entropy*/
y->pid = newpid;
- TRY (krb5int_yarrow_input (y, 0, &newpid,
- sizeof (newpid), 0));
- TRY (krb5int_yarrow_input (y, 0, &newpid,
- sizeof (newpid), 0));
- TRY (krb5int_yarrow_reseed (y, YARROW_FAST_POOL));
- }
+ TRY (yarrow_input_locked (y, 0, &newpid,
+ sizeof (newpid), 0));
+ TRY (yarrow_input_locked (y, 0, &newpid,
+ sizeof (newpid), 0));
+ TRY (yarrow_reseed_locked (y, YARROW_FAST_POOL));
+ }
CATCH:
EXCEP_RET;
EXCEP_RET;
}
-YARROW_DLL
-int krb5int_yarrow_input( Yarrow_CTX* y, unsigned source_id,
- const void* sample,
- size_t size, size_t entropy_bits )
+static
+int yarrow_input_maybe_locking( Yarrow_CTX* y, unsigned source_id,
+ const void* sample,
+ size_t size, size_t entropy_bits,
+ int do_lock )
{
EXCEP_DECL;
int ret;
size_t estimate;
if (!y) { THROW( YARROW_BAD_ARG ); }
- TRY( Yarrow_detect_fork( y ) );
if (source_id >= y->num_sources) { THROW( YARROW_BAD_SOURCE ); }
THROW( YARROW_BAD_SOURCE );
}
- TRY( LOCK() );
- locked = 1;
+ if (do_lock) {
+ TRY( LOCK() );
+ locked = 1;
+ }
/* hash in the sample */
{
if (source->entropy[YARROW_FAST_POOL] >= y->fast_thresh)
{
- ret = krb5int_yarrow_reseed(y, YARROW_FAST_POOL);
+ ret = yarrow_reseed_locked(y, YARROW_FAST_POOL);
if ( ret != YARROW_OK && ret != YARROW_NOT_SEEDED )
{
THROW( ret );
if (y->slow_k_of_n >= y->slow_k_of_n_thresh)
{
y->slow_k_of_n = 0;
- ret = krb5int_yarrow_reseed(y, YARROW_SLOW_POOL);
+ ret = yarrow_reseed_locked(y, YARROW_SLOW_POOL);
if ( ret != YARROW_OK && ret != YARROW_NOT_SEEDED )
{
THROW( ret );
EXCEP_RET;
}
+YARROW_DLL
+int krb5int_yarrow_input( Yarrow_CTX* y, unsigned source_id,
+ const void* sample,
+ size_t size, size_t entropy_bits )
+{
+ return yarrow_input_maybe_locking(y, source_id, sample, size,
+ entropy_bits, 1);
+}
+
+static int
+yarrow_input_locked( Yarrow_CTX* y, unsigned source_id,
+ const void *sample,
+ size_t size, size_t entropy_bits )
+{
+ return yarrow_input_maybe_locking(y, source_id, sample, size,
+ entropy_bits, 0);
+}
+
YARROW_DLL
int krb5int_yarrow_new_source(Yarrow_CTX* y, unsigned* source_id)
{
if (y->out_count >= y->Pg)
{
y->out_count = 0;
- TRY( krb5int_yarrow_gate( y ) );
+ TRY( yarrow_gate_locked( y ) );
/* require new seed after reaching gates_limit */
TRACE( printf( "OUTPUT LIMIT REACHED," ); );
- TRY( krb5int_yarrow_reseed( y, YARROW_SLOW_POOL ) );
+ TRY( yarrow_reseed_locked( y, YARROW_SLOW_POOL ) );
}
}
EXCEP_RET;
}
+static int yarrow_output_locked(Yarrow_CTX*, void*, size_t);
+
YARROW_DLL
int krb5int_yarrow_output( Yarrow_CTX* y, void* out, size_t size )
{
EXCEP_DECL;
- int locked = 0;
+ TRY( LOCK() );
+ TRY( yarrow_output_locked(y, out, size));
+CATCH:
+ UNLOCK();
+ EXCEP_RET;
+}
+
+static
+int yarrow_output_locked( Yarrow_CTX* y, void* out, size_t size )
+{
+ EXCEP_DECL;
size_t left;
char* outp;
size_t use;
left = size;
outp = out;
- TRY( LOCK() );
-
if (y->out_left > 0)
{
use = min(left, y->out_left);
}
CATCH:
- if ( locked ) { TRY( UNLOCK() ); }
+ EXCEP_RET;
+}
+
+static int yarrow_gate_locked(Yarrow_CTX* y)
+{
+ EXCEP_DECL;
+ byte new_K[CIPHER_KEY_SIZE];
+
+ if (!y) { THROW( YARROW_BAD_ARG ); }
+ TRACE( printf( "GATE[" ); );
+
+ /* K <- Next k bits of PRNG output */
+
+ TRY( yarrow_output_locked(y, new_K, CIPHER_KEY_SIZE) );
+ mem_copy(y->K, new_K, CIPHER_KEY_SIZE);
+
+ /* need to resetup the key schedule as the key has changed */
+
+ TRY (krb5int_yarrow_cipher_init(&y->cipher, y->K));
+
+ CATCH:
+ TRACE( printf( "]," ); );
+ mem_zero(new_K, sizeof(new_K));
EXCEP_RET;
}
#endif
-int krb5int_yarrow_reseed(Yarrow_CTX* y, int pool)
+static int yarrow_reseed_locked(Yarrow_CTX* y, int pool)
{
EXCEP_DECL;
HASH_CTX* fast_pool = &y->pool[YARROW_FAST_POOL];
EXCEP_RET;
}
+int krb5int_yarrow_reseed(Yarrow_CTX* y, int pool)
+{
+ int r;
+ LOCK();
+ r = yarrow_reseed_locked(y, pool);
+ UNLOCK();
+ return r;
+}
int krb5int_yarrow_stretch(const byte* m, size_t size, byte* out, size_t out_size)
{
int locked = 0;
if (!y) { THROW( YARROW_BAD_ARG ); }
- TRY( Yarrow_detect_fork(y) );
TRY( LOCK() );
locked = 1;
#endif
CATCH:
- if ( locked ) { TRY( UNLOCK() ); }
krb5int_yarrow_cipher_final(&y->cipher);
mem_zero( y, sizeof(Yarrow_CTX) );
+ if ( locked ) { TRY( UNLOCK() ); }
EXCEP_RET;
}
* call the enc_provider function to get the info.
*/
-#define yarrow_enc_provider krb5int_enc_des3
+#define yarrow_enc_provider krb5int_enc_aes256
-#define CIPHER_BLOCK_SIZE 8
-#define CIPHER_KEY_SIZE 21
+#define CIPHER_BLOCK_SIZE 16
+#define CIPHER_KEY_SIZE 32
#if defined( YARROW_NO_MATHLIB )
/* see macros at end for functions evaluated */
-#define POW_CIPHER_KEY_SIZE 72057594037927936.0
-#define POW_CIPHER_BLOCK_SIZE 18446744073709551616.0
+#define POW_CIPHER_KEY_SIZE 115792089237316195423570985008687907853269984665640564039457584007913129639936.0
+#define POW_CIPHER_BLOCK_SIZE 340282366920938463463374607431768211456.0
#endif
* and YARROW_LOCKING on failure
*/
-
+#if 0
static int LOCK( void ) { return (YARROW_OK); }
static int UNLOCK( void ) { return (YARROW_OK); }
+#else
+#include "k5-thread.h"
+extern k5_mutex_t krb5int_yarrow_lock;
+#define LOCK() (k5_mutex_lock(&krb5int_yarrow_lock) ? YARROW_LOCKING : YARROW_OK)
+#define UNLOCK() (k5_mutex_unlock(&krb5int_yarrow_lock) ? YARROW_LOCKING : YARROW_OK)
+#endif
#endif /* YLOCK_H */
+2005-01-13 Jeffrey Altman <jaltman@mit.edu>
+
+ * init_sec_context.c, acquire_cred.c: fix calls to
+ krb5_gss_release_cred() to pass in the correct type.
+ This fixes a mutex leak.
+
2004-08-27 Tom Yu <tlyu@mit.edu>
* init_sec_context.c (make_ap_req_v1): Free checksum data
if ((cred_usage != GSS_C_INITIATE) &&
(cred_usage != GSS_C_ACCEPT) &&
(cred_usage != GSS_C_BOTH)) {
+ k5_mutex_destroy(&cred->lock);
xfree(cred);
*minor_status = (OM_uint32) G_BAD_USAGE;
krb5_free_context(context);
!= GSS_S_COMPLETE) {
if (cred->princ)
krb5_free_principal(context, cred->princ);
- xfree(cred);
+ k5_mutex_destroy(&cred->lock);
+ xfree(cred);
/* minor_status set by acquire_accept_cred() */
krb5_free_context(context);
return(ret);
krb5_kt_close(context, cred->keytab);
if (cred->princ)
krb5_free_principal(context, cred->princ);
- xfree(cred);
+ k5_mutex_destroy(&cred->lock);
+ xfree(cred);
/* minor_status set by acquire_init_cred() */
krb5_free_context(context);
return(ret);
(void)krb5_cc_close(context, cred->ccache);
if (cred->keytab)
(void)krb5_kt_close(context, cred->keytab);
- xfree(cred);
+ k5_mutex_destroy(&cred->lock);
+ xfree(cred);
*minor_status = code;
krb5_free_context(context);
return(GSS_S_FAILURE);
(void)krb5_kt_close(context, cred->keytab);
if (cred->princ)
krb5_free_principal(context, cred->princ);
- xfree(cred);
+ k5_mutex_destroy(&cred->lock);
+ xfree(cred);
*minor_status = code;
krb5_free_context(context);
return(GSS_S_FAILURE);
(void)krb5_kt_close(context, cred->keytab);
if (cred->princ)
krb5_free_principal(context, cred->princ);
+ k5_mutex_destroy(&cred->lock);
xfree(cred);
/* *minor_status set above */
krb5_free_context(context);
(void)krb5_kt_close(context, cred->keytab);
if (cred->princ)
krb5_free_principal(context, cred->princ);
+ k5_mutex_destroy(&cred->lock);
xfree(cred);
*minor_status = (OM_uint32) G_VALIDATE_FAILED;
krb5_free_context(context);
if (err) {
k5_mutex_unlock(&cred->lock);
if (claimant_cred_handle == GSS_C_NO_CREDENTIAL)
- krb5_gss_release_cred(minor_status, (gss_cred_id_t)cred);
+ krb5_gss_release_cred(minor_status, (gss_cred_id_t)&cred);
*minor_status = 0;
if (*context_handle == GSS_C_NO_CONTEXT)
krb5_free_context(context);
}
if (claimant_cred_handle == GSS_C_NO_CREDENTIAL)
- krb5_gss_release_cred(&tmp_min_stat, (gss_cred_id_t)cred);
+ krb5_gss_release_cred(&tmp_min_stat, (gss_cred_id_t)&cred);
return(major_status);
}
+2004-12-20 Tom Yu <tlyu@mit.edu>
+
+ * svr_principal.c (add_to_history): Rewrite somewhat, using
+ temporary variables to make things somewhat more readable. Fix
+ buffer overflow case where the next pointer points into
+ unallocated space but resizing wasn't done, i.e., when someone
+ decreases the policy history count to the exact "right" number.
+ Fix some memory leaks. To avoid losing entries, shift some
+ entries forward after growing the array.
+
2004-08-21 Tom Yu <tlyu@mit.edu>
* libkadm5srv.exports: Update for previous renaming.
* array where the next element should be written, and must be [0,
* adb->old_key_len).
*/
-#define KADM_MOD(x) (x + adb->old_key_next) % adb->old_key_len
static kadm5_ret_t add_to_history(krb5_context context,
osa_princ_ent_t adb,
kadm5_policy_ent_t pol,
osa_pw_hist_ent *pw)
{
osa_pw_hist_ent *histp;
- int i;
+ uint32_t nhist;
+ unsigned int i, knext, nkeys;
+ nhist = pol->pw_history_num;
/* A history of 1 means just check the current password */
- if (pol->pw_history_num == 1)
+ if (nhist <= 1)
return 0;
+ nkeys = adb->old_key_len;
+ knext = adb->old_key_next;
/* resize the adb->old_keys array if necessary */
- if (adb->old_key_len < pol->pw_history_num-1) {
+ if (nkeys + 1 < nhist) {
if (adb->old_keys == NULL) {
adb->old_keys = (osa_pw_hist_ent *)
- malloc((adb->old_key_len + 1) * sizeof (osa_pw_hist_ent));
+ malloc((nkeys + 1) * sizeof (osa_pw_hist_ent));
} else {
adb->old_keys = (osa_pw_hist_ent *)
realloc(adb->old_keys,
- (adb->old_key_len + 1) * sizeof (osa_pw_hist_ent));
+ (nkeys + 1) * sizeof (osa_pw_hist_ent));
}
if (adb->old_keys == NULL)
return(ENOMEM);
- memset(&adb->old_keys[adb->old_key_len],0,sizeof(osa_pw_hist_ent));
- adb->old_key_len++;
- } else if (adb->old_key_len > pol->pw_history_num-1) {
+ memset(&adb->old_keys[nkeys], 0, sizeof(osa_pw_hist_ent));
+ nkeys = ++adb->old_key_len;
+ /*
+ * To avoid losing old keys, shift forward each entry after
+ * knext.
+ */
+ for (i = nkeys - 1; i > knext; i--) {
+ adb->old_keys[i] = adb->old_keys[i - 1];
+ }
+ memset(&adb->old_keys[knext], 0, sizeof(osa_pw_hist_ent));
+ } else if (nkeys + 1 > nhist) {
/*
* The policy must have changed! Shrink the array.
* Can't simply realloc() down, since it might be wrapped.
* where N = pw_history_num - 1 is the length of the
* shortened list. Matt Crawford, FNAL
*/
+ /*
+ * M = adb->old_key_len, N = pol->pw_history_num - 1
+ *
+ * tmp[0] .. tmp[N-1] = old[(knext-N)%M] .. old[(knext-1)%M]
+ */
int j;
- histp = (osa_pw_hist_ent *)
- malloc((pol->pw_history_num - 1) * sizeof (osa_pw_hist_ent));
- if (histp) {
- for (i = 0; i < pol->pw_history_num - 1; i++) {
- /* We need the number we use the modulus operator on to be
- positive, so after subtracting pol->pw_history_num-1, we
- add back adb->old_key_len. */
- j = KADM_MOD(i - (pol->pw_history_num - 1) + adb->old_key_len);
- histp[i] = adb->old_keys[j];
+ osa_pw_hist_t tmp;
+
+ tmp = (osa_pw_hist_ent *)
+ malloc((nhist - 1) * sizeof (osa_pw_hist_ent));
+ if (tmp == NULL)
+ return ENOMEM;
+ for (i = 0; i < nhist - 1; i++) {
+ /*
+ * Add nkeys once before taking remainder to avoid
+ * negative values.
+ */
+ j = (i + nkeys + knext - (nhist - 1)) % nkeys;
+ tmp[i] = adb->old_keys[j];
+ }
+ /* Now free the ones we don't keep (the oldest ones) */
+ for (i = 0; i < nkeys - (nhist - 1); i++) {
+ j = (i + nkeys + knext) % nkeys;
+ histp = &adb->old_keys[j];
+ for (j = 0; j < histp->n_key_data; j++) {
+ krb5_free_key_data_contents(context, &histp->key_data[j]);
}
- /* Now free the ones we don't keep (the oldest ones) */
- for (i = 0; i < adb->old_key_len - (pol->pw_history_num - 1); i++)
- for (j = 0; j < adb->old_keys[KADM_MOD(i)].n_key_data; j++)
- krb5_free_key_data_contents(context,
- &adb->old_keys[KADM_MOD(i)].key_data[j]);
- free((void *)adb->old_keys);
- adb->old_keys = histp;
- adb->old_key_len = pol->pw_history_num - 1;
- adb->old_key_next = 0;
- } else {
- return(ENOMEM);
+ free(histp->key_data);
}
+ free((void *)adb->old_keys);
+ adb->old_keys = tmp;
+ nkeys = adb->old_key_len = nhist - 1;
+ knext = adb->old_key_next = 0;
}
+ /*
+ * If nhist decreased since the last password change, and nkeys+1
+ * is less than the previous nhist, it is possible for knext to
+ * index into unallocated space. This condition would not be
+ * caught by the resizing code above.
+ */
+ if (knext + 1 > nkeys)
+ knext = adb->old_key_next = 0;
/* free the old pw history entry if it contains data */
- histp = &adb->old_keys[adb->old_key_next];
+ histp = &adb->old_keys[knext];
for (i = 0; i < histp->n_key_data; i++)
krb5_free_key_data_contents(context, &histp->key_data[i]);
-
+ free(histp->key_data);
+
/* store the new entry */
- adb->old_keys[adb->old_key_next] = *pw;
+ adb->old_keys[knext] = *pw;
/* update the next pointer */
- if (++adb->old_key_next == pol->pw_history_num-1)
- adb->old_key_next = 0;
+ if (++adb->old_key_next == nhist - 1)
+ adb->old_key_next = 0;
return(0);
}
-#undef KADM_MOD
#ifdef USE_PASSWORD_SERVER
+2004-12-08 Ken Raeburn <raeburn@mit.edu>
+
+ * RealmsConfig-glue.c (krb_get_krbhst): Check if DNS should be
+ used for getting KDC names before actually using it.
+
2004-07-16 Ken Raeburn <raeburn@mit.edu>
* macsock.c: Deleted.
if (err)
break;
- realmdat.data = realm;
- realmdat.length = strlen(realm);
- err = k5.make_srv_query_realm(&realmdat, "_kerberos-iv", "_udp", &srv);
- if (err)
- break;
+ if (k5.use_dns_kdc(krb5__krb4_context)) {
+ realmdat.data = realm;
+ realmdat.length = strlen(realm);
+ err = k5.make_srv_query_realm(&realmdat, "_kerberos-iv", "_udp",
+ &srv);
+ if (err)
+ break;
- if (srv == 0)
- break;
+ if (srv == 0)
+ break;
- if (dnscache.srv)
- k5.free_srv_dns_data(dnscache.srv);
- dnscache.srv = srv;
- strncpy(dnscache.realm, realm, REALM_SZ);
- dnscache.when = now;
- goto get_from_dnscache;
+ if (dnscache.srv)
+ k5.free_srv_dns_data(dnscache.srv);
+ dnscache.srv = srv;
+ strncpy(dnscache.realm, realm, REALM_SZ);
+ dnscache.when = now;
+ goto get_from_dnscache;
+ }
} while (0);
#endif
return KFAILURE;
+2005-01-04 Jeffrey Altman <jaltman@mit.edu>
+
+ * libkrb5.exports: add krb5_is_thread_safe
+
2004-08-08 Ken Raeburn <raeburn@mit.edu>
* libkrb5.exports: Remove memory ccache symbols except ops table.
+2004-12-28 Ezra Peisach <epeisach@mit.edu>
+
+ * asn1_decode.c (asn1_decode_generaltime): Fix memory leak when
+ time sent is "19700101000000Z".
+
2004-08-31 Tom Yu <tlyu@mit.edu>
* asn1buf.c: Fix denial-of-service bug.
}
if(s[0] == '1' && !memcmp("19700101000000Z", s, 15)) {
t = 0;
+ free(s);
goto done;
}
#define c2i(c) ((c)-'0')
+2005-01-13 Ken Raeburn <raeburn@mit.edu>
+
+ * cc_file.c (struct _krb5_fcc_data): Fields disk_file_lock,
+ file_is_locked deleted.
+ (krb5_fcc_open_file, krb5_fcc_close_file, dereference,
+ krb5_fcc_resolve, krb5_fcc_generate_new, krb5_fcc_set_flags):
+ Don't set or check them.
+
+2005-01-11 Jeffrey Altman <jaltman@mit.edu>
+
+ * cc_mslsa.c:
+ - do not free krb5_creds if krb5_copy_creds fails
+ - cause MSTicketToMITTicket to return failure if
+ krb5_copy_data fails
+
+2004-12-25 Ezra Peisach <epeisach@mit.edu>
+
+ * cc_file.c (krb5_fcc_close): Free the cache id.
+ (dereference): When removing fcc_set entry from list, free the
+ pointer as well.
+
+2004-12-16 Jeffrey Altman <jaltman@mit.edu>
+ * cc_mslsa.c:
+ Temporarily deactivate support for KerbSubmitTicketMessage
+ and KerbQueryTicketCacheEx2Message until the new Platform SDK
+ becomes publicly available.
+
+2004-12-15 Jeffrey Altman <jaltman@mit.edu>
+
+ * cc_mslsa.c:
+ - Activate support for KerbSubmitTicketMessage
+ - Activate support for KerbQueryTicketCacheEx2Message
+ - Add locale support for regions which use MultiByte characters
+
+2004-11-19 Ken Raeburn <raeburn@mit.edu>
+
+ * cc_mslsa.c (MSCredToMITCred): Don't create an empty array for
+ addresses, just use a null pointer now.
+
2004-10-07 Jeffrey Altman <jaltman@mit.edu>
* cc_mslsa.c: Fix the forced setting of the Initial Ticket Flag
on Win2000 and add it to XP and 2003 SP1
that can be changed. (Filename is fixed after
initialization.) */
k5_mutex_t lock;
- /* Grab this one before trying to get an advisory lock on the disk
- file, since the facility is per-process, not per-thread. */
- k5_mutex_t disk_file_lock;
- int file_is_locked;
int file;
krb5_flags flags;
int mode; /* needed for locking code */
return KRB5_FCC_INTERNAL;
retval = krb5_unlock_file(context, data->file);
- k5_mutex_unlock(&data->disk_file_lock);
ret = close (data->file);
- data->file_is_locked = 0;
data->file = NO_FILE;
if (retval)
return retval;
if (data->file != NO_FILE) {
/* Don't know what state it's in; shut down and start anew. */
- if (data->file_is_locked) {
- (void) krb5_unlock_file(context, data->file);
- k5_mutex_unlock(&data->disk_file_lock);
- data->file_is_locked = 0;
- }
+ (void) krb5_unlock_file(context, data->file);
(void) close (data->file);
data->file = NO_FILE;
}
lock_flag = KRB5_LOCKMODE_SHARED;
else
lock_flag = KRB5_LOCKMODE_EXCLUSIVE;
- retval = k5_mutex_lock(&data->disk_file_lock);
- if (retval) {
- close(f);
- return retval;
- }
if ((retval = krb5_lock_file(context, f, lock_flag))) {
- k5_mutex_unlock(&data->disk_file_lock);
(void) close(f);
return retval;
}
- data->file_is_locked = 1;
if (mode == FCC_OPEN_AND_ERASE) {
/* write the version number */
if (retval) {
data->file = -1;
(void) krb5_unlock_file(context, f);
- (void) k5_mutex_unlock(&data->disk_file_lock);
- data->file_is_locked = 0;
(void) close(f);
}
return retval;
assert(*fccsp != NULL);
(*fccsp)->refcount--;
if ((*fccsp)->refcount == 0) {
+ struct fcc_set *temp;
data = (*fccsp)->data;
+ temp = *fccsp;
*fccsp = (*fccsp)->next;
+ free(temp);
k5_mutex_unlock(&krb5int_cc_file_mutex);
+ k5_mutex_assert_unlocked(&data->lock);
free(data->filename);
zap(data->buf, sizeof(data->buf));
if (data->file >= 0) {
krb5_fcc_close_file(context, data);
k5_mutex_unlock(&data->lock);
}
- k5_mutex_assert_unlocked(&data->lock);
k5_mutex_destroy(&data->lock);
- k5_mutex_destroy(&data->disk_file_lock);
free(data);
} else
k5_mutex_unlock(&krb5int_cc_file_mutex);
krb5_fcc_close(krb5_context context, krb5_ccache id)
{
dereference(context, (krb5_fcc_data *) id->data);
+ krb5_xfree(id);
return KRB5_OK;
}
free(data);
return kret;
}
- kret = k5_mutex_init(&data->disk_file_lock);
- if (kret) {
- k5_mutex_unlock(&krb5int_cc_file_mutex);
- k5_mutex_unlock(&data->lock);
- k5_mutex_destroy(&data->lock);
- free(data->filename);
- free(data);
- return kret;
- }
/* data->version,mode filled in for real later */
data->version = data->mode = 0;
- data->file_is_locked = 0;
data->flags = KRB5_TC_OPENCLOSE;
data->file = -1;
data->valid_bytes = 0;
setptr = malloc(sizeof(struct fcc_set));
if (setptr == NULL) {
k5_mutex_unlock(&krb5int_cc_file_mutex);
- k5_mutex_destroy(&data->disk_file_lock);
k5_mutex_destroy(&data->lock);
free(data->filename);
free(data);
retcode = k5_mutex_init(&data->lock);
if (retcode)
goto err_out;
- retcode = k5_mutex_init(&data->disk_file_lock);
- if (retcode) {
- k5_mutex_destroy(&data->lock);
- goto err_out;
- }
- data->file_is_locked = 0;
/* Set up the filename */
strcpy(((krb5_fcc_data *) lid->data)->filename, scratch);
/* XXX This should check for illegal combinations, if any.. */
if (flags & KRB5_TC_OPENCLOSE) {
/* asking to turn on OPENCLOSE mode */
- if (!OPENCLOSE(id))
+ if (!OPENCLOSE(id)
+ /* XXX Is this test necessary? */
+ && ((krb5_fcc_data *) id->data)->file != NO_FILE)
(void) krb5_fcc_close_file (context, ((krb5_fcc_data *) id->data));
} else {
/* asking to turn off OPENCLOSE mode, meaning it must be
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
* OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*
- * Implementation of microsoft windows lsa credentials cache
+ * Implementation of microsoft windows lsa read-only credentials cache
*/
#ifdef _WIN32
#define MAX_MSPRINC_SIZE 1024
/* THREAD SAFETY
- * The functions is_windows_2000(), is_windows_xp(),
- * does_retrieve_ticket_cache_ticket() and does_query_ticket_cache_ex2()
- * contain static variables to cache the responses of the tests being
- * performed. There is no harm in the test being performed more than
- * once since the result will always be the same.
+ * The functions is_windows_2000(), is_windows_xp(), and
+ * does_retrieve_ticket_cache_ticket() contain static variables to cache
+ * the responses of the tests being performed. There is no harm in the
+ * test being performed more than once since the result will always be the
+ * same.
*/
static BOOL
GetCPInfo(CP_ACP, &CodePageInfo);
- if (CodePageInfo.MaxCharSize > 1)
+ if (CodePageInfo.MaxCharSize > 1) {
// Only supporting non-Unicode strings
- return FALSE;
+ int reqLen = WideCharToMultiByte(CP_ACP, 0, (LPCWSTR) lpInputString, -1,
+ NULL, 0, NULL, NULL);
+ if ( reqLen > nOutStringLen)
+ {
+ return FALSE;
+ } else {
+ WideCharToMultiByte(CP_ACP, 0, (LPCWSTR) lpInputString, -1,
+ lpszOutputString, nOutStringLen, NULL, NULL);
+ }
+ }
else if (((LPBYTE) lpInputString)[1] == '\0')
{
// Looks like unicode, better translate it
}
else
lstrcpyA(lpszOutputString, (LPSTR) lpInputString);
+
return TRUE;
} // UnicodeToANSI
static VOID
WINAPI
-ANSIToUnicode(LPSTR lpInputString, LPTSTR lpszOutputString, int nOutStringLen)
+ANSIToUnicode(LPSTR lpInputString, LPTSTR lpszOutputString, int nOutStringLen)
{
CPINFO CodePageInfo;
GetCPInfo(CP_ACP, &CodePageInfo);
- if (CodePageInfo.MaxCharSize > 1)
- // It must already be a Unicode string
- return;
- else if (((LPBYTE) lpInputString)[1] != '\0')
+ if (CodePageInfo.MaxCharSize > 1 || ((LPBYTE) lpInputString)[1] != '\0')
{
- // Looks like ANSI, better translate it
+ // Looks like ANSI or MultiByte, better translate it
MultiByteToWideChar(CP_ACP, 0, (LPCSTR) lpInputString, -1,
(LPWSTR) lpszOutputString, nOutStringLen);
}
}
}
-static void
+static BOOL
UnicodeStringToMITPrinc(UNICODE_STRING *service, WCHAR *realm, krb5_context context,
- krb5_principal *principal)
+ krb5_principal *principal)
{
WCHAR princbuf[512];
char aname[512];
princbuf[service->Length/sizeof(WCHAR)]=0;
wcscat(princbuf, L"@");
wcscat(princbuf, realm);
- UnicodeToANSI(princbuf, aname, sizeof(aname));
- krb5_parse_name(context, aname, principal);
+ if (UnicodeToANSI(princbuf, aname, sizeof(aname))) {
+ krb5_parse_name(context, aname, principal);
+ return TRUE;
+ }
+ return FALSE;
}
-static void
+static BOOL
KerbExternalNameToMITPrinc(KERB_EXTERNAL_NAME *msprinc, WCHAR *realm, krb5_context context,
- krb5_principal *principal)
+ krb5_principal *principal)
{
WCHAR princbuf[512],tmpbuf[128];
char aname[512];
}
wcscat(princbuf, L"@");
wcscat(princbuf, realm);
- UnicodeToANSI(princbuf, aname, sizeof(aname));
- krb5_parse_name(context, aname, principal);
+ if (UnicodeToANSI(princbuf, aname, sizeof(aname))) {
+ krb5_parse_name(context, aname, principal);
+ return TRUE;
+ }
+ return FALSE;
}
static time_t
*mitflags=msflags;
}
-static void
+static BOOL
MSTicketToMITTicket(KERB_EXTERNAL_TICKET *msticket, krb5_context context, krb5_data *ticket)
{
- krb5_data tmpdata, *newdata;
+ krb5_data tmpdata, *newdata = 0;
+ krb5_error_code rc;
+
tmpdata.magic=KV5M_DATA;
tmpdata.length=msticket->EncodedTicketSize;
tmpdata.data=msticket->EncodedTicket;
// this is ugly and will break krb5_free_data()
// now that this is being done within the library it won't break krb5_free_data()
- krb5_copy_data(context, &tmpdata, &newdata);
+ rc = krb5_copy_data(context, &tmpdata, &newdata);
+ if (rc)
+ return FALSE;
+
memcpy(ticket, newdata, sizeof(krb5_data));
+ krb5_xfree(newdata);
+ return TRUE;
}
/*
}
-static void
+static BOOL
MSCredToMITCred(KERB_EXTERNAL_TICKET *msticket, UNICODE_STRING ClientRealm,
krb5_context context, krb5_creds *creds)
{
// construct Client Principal
wcsncpy(wrealm, ClientRealm.Buffer, ClientRealm.Length/sizeof(WCHAR));
wrealm[ClientRealm.Length/sizeof(WCHAR)]=0;
- KerbExternalNameToMITPrinc(msticket->ClientName, wrealm, context, &creds->client);
+ if (!KerbExternalNameToMITPrinc(msticket->ClientName, wrealm, context, &creds->client))
+ return FALSE;
// construct Service Principal
wcsncpy(wrealm, msticket->DomainName.Buffer,
msticket->DomainName.Length/sizeof(WCHAR));
wrealm[msticket->DomainName.Length/sizeof(WCHAR)]=0;
- KerbExternalNameToMITPrinc(msticket->ServiceName, wrealm, context, &creds->server);
+ if (!KerbExternalNameToMITPrinc(msticket->ServiceName, wrealm, context, &creds->server))
+ return FALSE;
MSSessionKeyToMITKeyblock(&msticket->SessionKey, context,
&creds->keyblock);
MSFlagsToMITFlags(msticket->TicketFlags, &creds->ticket_flags);
creds->times.starttime=FileTimeToUnixTime(&msticket->StartTime);
creds->times.endtime=FileTimeToUnixTime(&msticket->EndTime);
creds->times.renew_till=FileTimeToUnixTime(&msticket->RenewUntil);
+ creds->addresses = NULL;
- /* MS Tickets are addressless. MIT requires an empty address
- * not a NULL list of addresses.
- */
- creds->addresses = (krb5_address **)malloc(sizeof(krb5_address *));
- memset(creds->addresses, 0, sizeof(krb5_address *));
-
- MSTicketToMITTicket(msticket, context, &creds->ticket);
-}
-
-#ifdef HAVE_CACHE_INFO_EX2
-/* CacheInfoEx2ToMITCred is used when we do not need the real ticket */
-static void
-CacheInfoEx2ToMITCred(KERB_TICKET_CACHE_INFO_EX2 *info,
- krb5_context context, krb5_creds *creds)
-{
- WCHAR wrealm[128];
- ZeroMemory(creds, sizeof(krb5_creds));
- creds->magic=KV5M_CREDS;
-
- // construct Client Principal
- wcsncpy(wrealm, info->ClientRealm.Buffer, info->ClientRealm.Length/sizeof(WCHAR));
- wrealm[info->ClientRealm.Length/sizeof(WCHAR)]=0;
- UnicodeStringToMITPrinc(&info->ClientName, wrealm, context, &creds->client);
-
- // construct Service Principal
- wcsncpy(wrealm, info->ServerRealm.Buffer,
- info->ServerRealm.Length/sizeof(WCHAR));
- wrealm[info->ServerRealm.Length/sizeof(WCHAR)]=0;
- UnicodeStringToMITPrinc(&info->ServerName, wrealm, context, &creds->server);
-
- creds->keyblock.magic = KV5M_KEYBLOCK;
- creds->keyblock.enctype = info->SessionKeyType;
- creds->ticket_flags = info->TicketFlags;
- MSFlagsToMITFlags(info->TicketFlags, &creds->ticket_flags);
- creds->times.starttime=FileTimeToUnixTime(&info->StartTime);
- creds->times.endtime=FileTimeToUnixTime(&info->EndTime);
- creds->times.renew_till=FileTimeToUnixTime(&info->RenewTime);
-
- /* MS Tickets are addressless. MIT requires an empty address
- * not a NULL list of addresses.
- */
- creds->addresses = (krb5_address **)malloc(sizeof(krb5_address *));
- memset(creds->addresses, 0, sizeof(krb5_address *));
+ return MSTicketToMITTicket(msticket, context, &creds->ticket);
}
-#endif /* HAVE_CACHE_INFO_EX2 */
static BOOL
PackageConnectLookup(HANDLE *pLogonHandle, ULONG *pPackageId)
return fCachesTicket;
}
-#ifdef HAVE_CACHE_INFO_EX2
-static BOOL
-does_query_ticket_cache_ex2 (void)
-{
- static BOOL fChecked = FALSE;
- static BOOL fEx2Response = FALSE;
-
- if (!fChecked)
- {
- NTSTATUS Status = 0;
- NTSTATUS SubStatus = 0;
- HANDLE LogonHandle;
- ULONG PackageId;
- ULONG RequestSize;
- PKERB_QUERY_TKT_CACHE_REQUEST pCacheRequest = NULL;
- PKERB_QUERY_TKT_CACHE_EX2_RESPONSE pCacheResponse = NULL;
- ULONG ResponseSize;
-
- RequestSize = sizeof(*pCacheRequest) + 1;
-
- if (!PackageConnectLookup(&LogonHandle, &PackageId))
- return FALSE;
-
- pCacheRequest = (PKERB_QUERY_TKT_CACHE_REQUEST) LocalAlloc(LMEM_ZEROINIT, RequestSize);
- if (!pCacheRequest) {
- CloseHandle(LogonHandle);
- return FALSE;
- }
-
- pCacheRequest->MessageType = KerbQueryTicketCacheEx2Message;
- pCacheRequest->LogonId.LowPart = 0;
- pCacheRequest->LogonId.HighPart = 0;
-
- Status = LsaCallAuthenticationPackage( LogonHandle,
- PackageId,
- pCacheRequest,
- RequestSize,
- &pCacheResponse,
- &ResponseSize,
- &SubStatus
- );
-
- LocalFree(pCacheRequest);
- CloseHandle(LogonHandle);
-
- if (!(FAILED(Status) || FAILED(SubStatus))) {
- LsaFreeReturnBuffer(pCacheResponse);
- fEx2Response = TRUE;
- }
- fChecked = TRUE;
- }
-
- return fEx2Response;
-}
-#endif /* HAVE_CACHE_INFO_EX2 */
-
static DWORD
ConcatenateUnicodeStrings(UNICODE_STRING *pTarget, UNICODE_STRING Source1, UNICODE_STRING Source2)
{
return TRUE;
}
-#ifdef KERB_SUBMIT_TICKET
-static BOOL
-KerbSubmitTicket( HANDLE LogonHandle, ULONG PackageId,
- krb5_context context, krb5_creds *cred)
-{
- NTSTATUS Status = 0;
- NTSTATUS SubStatus = 0;
- KERB_SUBMIT_TKT_REQUEST * pSubmitRequest;
- DWORD dwRequestLen;
- krb5_auth_context auth_context;
- krb5_keyblock * keyblock = 0;
- krb5_replay_data replaydata;
- krb5_data * krb_cred = 0;
- krb5_error_code rc;
-
- if (krb5_auth_con_init(context, &auth_context)) {
- return FALSE;
- }
-
- if (krb5_auth_con_setflags(context, auth_context,
- KRB5_AUTH_CONTEXT_RET_TIME)) {
- return FALSE;
- }
-
- krb5_auth_con_getsendsubkey(context, auth_context, &keyblock);
- if (keyblock == NULL)
- krb5_auth_con_getkey(context, auth_context, &keyblock);
-#ifdef TESTING
- /* do not use this code unless testing the LSA */
- if (keyblock == NULL) {
- keyblock = (krb5_keyblock *)malloc(sizeof(krb5_keyblock));
- keyblock->enctype = ENCTYPE_ARCFOUR_HMAC;
- keyblock->length = 16;
- keyblock->contents = (krb5_octet *)malloc(16);
- keyblock->contents[0] = 0xde;
- keyblock->contents[1] = 0xad;
- keyblock->contents[2] = 0xbe;
- keyblock->contents[3] = 0xef;
- keyblock->contents[4] = 0xfe;
- keyblock->contents[5] = 0xed;
- keyblock->contents[6] = 0xf0;
- keyblock->contents[7] = 0xd;
- keyblock->contents[8] = 0xde;
- keyblock->contents[9] = 0xad;
- keyblock->contents[10] = 0xbe;
- keyblock->contents[11] = 0xef;
- keyblock->contents[12] = 0xfe;
- keyblock->contents[13] = 0xed;
- keyblock->contents[14] = 0xf0;
- keyblock->contents[15] = 0xd;
- krb5_auth_con_setsendsubkey(context, auth_context, keyblock);
- }
-#endif
- rc = krb5_mk_1cred(context, auth_context, cred, &krb_cred, &replaydata);
- if (rc) {
- krb5_auth_con_free(context, auth_context);
- if (keyblock)
- krb5_free_keyblock(context, keyblock);
- if (krb_cred)
- krb5_free_data(context, krb_cred);
- return FALSE;
- }
-
- dwRequestLen = sizeof(KERB_SUBMIT_TKT_REQUEST) + krb_cred->length + (keyblock ? keyblock->length : 0);
-
- pSubmitRequest = (PKERB_SUBMIT_TKT_REQUEST)malloc(dwRequestLen);
- memset(pSubmitRequest, 0, dwRequestLen);
-
- pSubmitRequest->MessageType = KerbSubmitTicketMessage;
- pSubmitRequest->LogonId.LowPart = 0;
- pSubmitRequest->LogonId.HighPart = 0;
- pSubmitRequest->Flags = 0;
-
- if (keyblock) {
- pSubmitRequest->Key.KeyType = keyblock->enctype;
- pSubmitRequest->Key.Length = keyblock->length;
- pSubmitRequest->Key.Offset = sizeof(KERB_SUBMIT_TKT_REQUEST)+krb_cred->length;
- } else {
- pSubmitRequest->Key.KeyType = ENCTYPE_NULL;
- pSubmitRequest->Key.Length = 0;
- pSubmitRequest->Key.Offset = 0;
- }
- pSubmitRequest->KerbCredSize = krb_cred->length;
- pSubmitRequest->KerbCredOffset = sizeof(KERB_SUBMIT_TKT_REQUEST);
- memcpy(((CHAR *)pSubmitRequest)+sizeof(KERB_SUBMIT_TKT_REQUEST),
- krb_cred->data, krb_cred->length);
- if (keyblock)
- memcpy(((CHAR *)pSubmitRequest)+sizeof(KERB_SUBMIT_TKT_REQUEST)+krb_cred->length,
- keyblock->contents, keyblock->length);
- krb5_free_data(context, krb_cred);
-
- Status = LsaCallAuthenticationPackage( LogonHandle,
- PackageId,
- pSubmitRequest,
- dwRequestLen,
- NULL,
- NULL,
- &SubStatus
- );
- free(pSubmitRequest);
- if (keyblock)
- krb5_free_keyblock(context, keyblock);
- krb5_auth_con_free(context, auth_context);
-
- if (FAILED(Status) || FAILED(SubStatus)) {
- return FALSE;
- }
- return TRUE;
-}
-#endif /* KERB_SUBMIT_TICKET */
-
/*
* A simple function to determine if there is an exact match between two tickets
* We rely on the fact that the external tickets contain the raw Kerberos ticket.
return FALSE;
}
-#ifdef HAVE_CACHE_INFO_EX2
-static BOOL
-GetQueryTktCacheResponseEX2( HANDLE LogonHandle, ULONG PackageId,
- PKERB_QUERY_TKT_CACHE_EX2_RESPONSE * ppResponse)
-{
- NTSTATUS Status = 0;
- NTSTATUS SubStatus = 0;
-
- KERB_QUERY_TKT_CACHE_REQUEST CacheRequest;
- PKERB_QUERY_TKT_CACHE_EX2_RESPONSE pQueryResponse = NULL;
- ULONG ResponseSize;
-
- CacheRequest.MessageType = KerbQueryTicketCacheEx2Message;
- CacheRequest.LogonId.LowPart = 0;
- CacheRequest.LogonId.HighPart = 0;
-
- Status = LsaCallAuthenticationPackage(
- LogonHandle,
- PackageId,
- &CacheRequest,
- sizeof(CacheRequest),
- &pQueryResponse,
- &ResponseSize,
- &SubStatus
- );
-
- if ( !(FAILED(Status) || FAILED(SubStatus)) ) {
- *ppResponse = pQueryResponse;
- return TRUE;
- }
-
- return FALSE;
-}
-#endif /* HAVE_CACHE_INFO_EX2 */
-
static BOOL
GetMSCacheTicketFromMITCred( HANDLE LogonHandle, ULONG PackageId,
krb5_context context, krb5_creds *creds,
*/
if ( tktinfo->TicketFlags & KERB_TICKET_FLAGS_initial )
(*ticket)->TicketFlags |= KERB_TICKET_FLAGS_initial;
- return(TRUE);
+ return(TRUE);
}
static BOOL
LocalFree(pTicketRequest);
- if (FAILED(Status) || FAILED(SubStatus))
- return(FALSE);
-
- /* otherwise return ticket */
- *ticket = &(pTicketResponse->Ticket);
-
- /* set the initial flag if we were attempting to retrieve one
- * because Windows won't necessarily return the initial ticket
- * to us.
- */
- if ( tktinfo->TicketFlags & KERB_TICKET_FLAGS_initial )
- (*ticket)->TicketFlags |= KERB_TICKET_FLAGS_initial;
-
- return(TRUE);
-
-}
-
-#ifdef HAVE_CACHE_INFO_EX2
-static BOOL
-GetMSCacheTicketFromCacheInfoEX2( HANDLE LogonHandle, ULONG PackageId,
- PKERB_TICKET_CACHE_INFO_EX2 tktinfo, PKERB_EXTERNAL_TICKET *ticket)
-{
- NTSTATUS Status = 0;
- NTSTATUS SubStatus = 0;
- ULONG RequestSize;
- PKERB_RETRIEVE_TKT_REQUEST pTicketRequest = NULL;
- PKERB_RETRIEVE_TKT_RESPONSE pTicketResponse = NULL;
- ULONG ResponseSize;
-
- RequestSize = sizeof(*pTicketRequest) + tktinfo->ServerName.Length;
-
- pTicketRequest = (PKERB_RETRIEVE_TKT_REQUEST) LocalAlloc(LMEM_ZEROINIT, RequestSize);
- if (!pTicketRequest)
- return FALSE;
-
- pTicketRequest->MessageType = KerbRetrieveEncodedTicketMessage;
- pTicketRequest->LogonId.LowPart = 0;
- pTicketRequest->LogonId.HighPart = 0;
- pTicketRequest->TargetName.Length = tktinfo->ServerName.Length;
- pTicketRequest->TargetName.MaximumLength = tktinfo->ServerName.Length;
- pTicketRequest->TargetName.Buffer = (PWSTR) (pTicketRequest + 1);
- memcpy(pTicketRequest->TargetName.Buffer,tktinfo->ServerName.Buffer, tktinfo->ServerName.Length);
- pTicketRequest->CacheOptions = KERB_RETRIEVE_TICKET_CACHE_TICKET;
- pTicketRequest->EncryptionType = tktinfo->SessionKeyType;
- pTicketRequest->TicketFlags = 0;
- if ( tktinfo->TicketFlags & KERB_TICKET_FLAGS_forwardable )
- pTicketRequest->TicketFlags |= KDC_OPT_FORWARDABLE;
- if ( tktinfo->TicketFlags & KERB_TICKET_FLAGS_forwarded )
- pTicketRequest->TicketFlags |= KDC_OPT_FORWARDED;
- if ( tktinfo->TicketFlags & KERB_TICKET_FLAGS_proxiable )
- pTicketRequest->TicketFlags |= KDC_OPT_PROXIABLE;
- if ( tktinfo->TicketFlags & KERB_TICKET_FLAGS_renewable )
- pTicketRequest->TicketFlags |= KDC_OPT_RENEWABLE;
-
- Status = LsaCallAuthenticationPackage(
- LogonHandle,
- PackageId,
- pTicketRequest,
- RequestSize,
- &pTicketResponse,
- &ResponseSize,
- &SubStatus
- );
-
- LocalFree(pTicketRequest);
-
if (FAILED(Status) || FAILED(SubStatus))
return(FALSE);
return(TRUE);
}
-#endif /* HAVE_CACHE_INFO_EX2 */
static krb5_error_code KRB5_CALLCONV krb5_lcc_close
(krb5_context, krb5_ccache id);
union {
PKERB_QUERY_TKT_CACHE_RESPONSE w2k;
PKERB_QUERY_TKT_CACHE_EX_RESPONSE xp;
-#ifdef HAVE_CACHE_INFO_EX2
- PKERB_QUERY_TKT_CACHE_EX2_RESPONSE ex2;
-#endif /* HAVE_CACHE_INFO_EX2 */
} response;
unsigned int index;
PKERB_EXTERNAL_TICKET mstgt;
HANDLE LogonHandle;
ULONG PackageId;
KERB_EXTERNAL_TICKET *msticket;
+ krb5_error_code retval = KRB5_OK;
if (!is_windows_2000())
return KRB5_FCC_NOFILE;
-#ifdef COMMENT
- /* In at least one case on Win2003 it appears that it is possible
- * for the logon session to be authenticated via NTLM and yet for
- * there to be Kerberos credentials obtained by the LSA on behalf
- * of the logged in user. Therefore, we are removing this test
- * which was meant to avoid the need to perform GetMSTGT() when
- * there was no possibility of credentials being found.
- */
- if (!IsKerberosLogon())
- return KRB5_FCC_NOFILE;
-#endif
-
if (!PackageConnectLookup(&LogonHandle, &PackageId))
return KRB5_FCC_NOFILE;
if (GetMSTGT(context, data->LogonHandle, data->PackageId, &msticket, FALSE)) {
/* convert the ticket */
krb5_creds creds;
- MSCredToMITCred(msticket, msticket->DomainName, context, &creds);
+ if (!MSCredToMITCred(msticket, msticket->DomainName, context, &creds))
+ retval = KRB5_FCC_INTERNAL;
LsaFreeReturnBuffer(msticket);
- krb5_copy_principal(context, creds.client, &data->princ);
+ if (retval == KRB5_OK)
+ krb5_copy_principal(context, creds.client, &data->princ);
krb5_free_cred_contents(context,&creds);
} else if (!does_retrieve_ticket_cache_ticket()) {
krb5_xfree(data->cc_name);
* if cache is non-existent/unusable
*/
*id = lid;
- return KRB5_OK;
+ return retval;
}
/*
if (id) {
data = (krb5_lcc_data *) id->data;
- return PurgeAllTickets(data->LogonHandle, data->PackageId) ? KRB5_OK : KRB5_FCC_INTERNAL;
- }
+ return PurgeAllTickets(data->LogonHandle, data->PackageId) ? KRB5_OK : KRB5_FCC_INTERNAL;
+ }
return KRB5_FCC_INTERNAL;
}
return KRB5_CC_NOTFOUND;
}
-#ifdef HAVE_CACHE_INFO_EX2
- if ( does_query_ticket_cache_ex2() ) {
- if ( !GetQueryTktCacheResponseEX2(data->LogonHandle, data->PackageId, &lcursor->response.ex2) ) {
- LsaFreeReturnBuffer(lcursor->mstgt);
- free(lcursor);
- *cursor = 0;
- return KRB5_FCC_INTERNAL;
- }
- } else
-#endif /* HAVE_CACHE_INFO_EX2 */
if ( is_windows_xp() ) {
if ( !GetQueryTktCacheResponseXP(data->LogonHandle, data->PackageId, &lcursor->response.xp) ) {
LsaFreeReturnBuffer(lcursor->mstgt);
data = (krb5_lcc_data *)id->data;
next_cred:
-#ifdef HAVE_CACHE_INFO_EX2
- if ( does_query_ticket_cache_ex2() ) {
- if ( lcursor->index >= lcursor->response.ex2->CountOfTickets ) {
- if (retval == KRB5_OK)
- return KRB5_CC_END;
- else {
- LsaFreeReturnBuffer(lcursor->mstgt);
- LsaFreeReturnBuffer(lcursor->response.ex2);
- free(*cursor);
- *cursor = 0;
- return retval;
- }
- }
-
- if ( data->flags & KRB5_TC_NOTICKET ) {
- CacheInfoEx2ToMITCred( &lcursor->response.ex2->Tickets[lcursor->index++],
- context, creds);
- return KRB5_OK;
- } else {
- if (!GetMSCacheTicketFromCacheInfoEX2(data->LogonHandle, data->PackageId,
- &lcursor->response.ex2->Tickets[lcursor->index++],&msticket)) {
- retval = KRB5_FCC_INTERNAL;
- goto next_cred;
- }
- }
- } else
-#endif /* HAVE_CACHE_INFO_EX2 */
if ( is_windows_xp() ) {
if ( lcursor->index >= lcursor->response.xp->CountOfTickets ) {
if (retval == KRB5_OK)
}
/* convert the ticket */
-#ifdef HAVE_CACHE_INFO_EX2
- if ( does_query_ticket_cache_ex2() ) {
- MSCredToMITCred(msticket, lcursor->response.ex2->Tickets[lcursor->index-1].ClientRealm, context, creds);
- } else
-#endif /* HAVE_CACHE_INFO_EX2 */
if ( is_windows_xp() ) {
- MSCredToMITCred(msticket, lcursor->response.xp->Tickets[lcursor->index-1].ClientRealm, context, creds);
+ if (!MSCredToMITCred(msticket, lcursor->response.xp->Tickets[lcursor->index-1].ClientRealm, context, creds))
+ retval = KRB5_FCC_INTERNAL;
} else {
- MSCredToMITCred(msticket, lcursor->mstgt->DomainName, context, creds);
+ if (!MSCredToMITCred(msticket, lcursor->mstgt->DomainName, context, creds))
+ retval = KRB5_FCC_INTERNAL;
}
LsaFreeReturnBuffer(msticket);
- return KRB5_OK;
+ return retval;
}
/*
if ( lcursor ) {
LsaFreeReturnBuffer(lcursor->mstgt);
-#ifdef HAVE_CACHE_INFO_EX2
- if ( does_query_ticket_cache_ex2() )
- LsaFreeReturnBuffer(lcursor->response.ex2);
- else
-#endif /* HAVE_CACHE_INFO_EX2 */
if ( is_windows_xp() )
LsaFreeReturnBuffer(lcursor->response.xp);
else
krb5_lcc_get_principal(krb5_context context, krb5_ccache id, krb5_principal *princ)
{
krb5_lcc_data *data = (krb5_lcc_data *)id->data;
- krb5_error_code kret = KRB5_OK;
if (!is_windows_2000())
return KRB5_FCC_NOFILE;
if (GetMSTGT(context, data->LogonHandle, data->PackageId, &msticket, FALSE)) {
/* convert the ticket */
krb5_creds creds;
- MSCredToMITCred(msticket, msticket->DomainName, context, &creds);
+ if (!MSCredToMITCred(msticket, msticket->DomainName, context, &creds))
+ {
+ LsaFreeReturnBuffer(msticket);
+ return KRB5_FCC_INTERNAL;
+ }
LsaFreeReturnBuffer(msticket);
krb5_copy_principal(context, creds.client, &data->princ);
krb5_error_code kret = KRB5_OK;
krb5_lcc_data *data = (krb5_lcc_data *)id->data;
KERB_EXTERNAL_TICKET *msticket = 0, *mstgt = 0, *mstmp = 0;
- krb5_creds * mcreds_noflags;
+ krb5_creds * mcreds_noflags = 0;
krb5_creds fetchcreds;
if (!is_windows_2000())
return KRB5_OK;
/* if not, we must try to get a ticket without specifying any flags or etypes */
- krb5_copy_creds(context, mcreds, &mcreds_noflags);
+ kret = krb5_copy_creds(context, mcreds, &mcreds_noflags);
+ if (kret)
+ goto cleanup;
mcreds_noflags->ticket_flags = 0;
mcreds_noflags->keyblock.enctype = 0;
if ( !kret )
goto cleanup;
-
-
/* if not, obtain a ticket using the request flags and enctype even though it may not
* be stored in the LSA cache for future use.
*/
if ( PreserveInitialTicketIdentity() )
GetMSTGT(context, data->LogonHandle, data->PackageId, &mstgt, FALSE);
- MSCredToMITCred(msticket, mstgt ? mstgt->DomainName : msticket->DomainName, context, &fetchcreds);
+ if (!MSCredToMITCred(msticket, mstgt ? mstgt->DomainName : msticket->DomainName, context, &fetchcreds))
+ {
+ kret = KRB5_FCC_INTERNAL;
+ goto cleanup;
+ }
} else {
/* We can obtain the correct client realm for a ticket by walking the
* cache contents until we find the matching service ticket.
mstmp = 0;
}
- MSCredToMITCred(msticket, mstmp ? pResponse->Tickets[i].ClientRealm : msticket->DomainName, context, &fetchcreds);
+ if (!MSCredToMITCred(msticket, mstmp ? pResponse->Tickets[i].ClientRealm : msticket->DomainName, context, &fetchcreds))
+ {
+ LsaFreeReturnBuffer(pResponse);
+ kret = KRB5_FCC_INTERNAL;
+ goto cleanup;
+ }
LsaFreeReturnBuffer(pResponse);
}
krb5_error_code kret = KRB5_OK;
krb5_lcc_data *data = (krb5_lcc_data *)id->data;
KERB_EXTERNAL_TICKET *msticket = 0, *msticket2 = 0;
- krb5_creds * creds_noflags;
+ krb5_creds * creds_noflags = 0;
if (!is_windows_2000())
return KRB5_FCC_NOFILE;
-#ifdef KERB_SUBMIT_TICKET
- /* we can use the new KerbSubmitTicketMessage to store the ticket */
- if (KerbSubmitTicket( data->LogonHandle, data->PackageId, context, creds ))
- return KRB5_OK;
-#endif /* KERB_SUBMIT_TICKET */
-
/* If not, lets try to obtain a matching ticket from the KDC */
if ( creds->ticket_flags != 0 && creds->keyblock.enctype != 0 ) {
/* if not, we must try to get a ticket without specifying any flags or etypes */
- krb5_copy_creds(context, creds, &creds_noflags);
- creds_noflags->ticket_flags = 0;
- creds_noflags->keyblock.enctype = 0;
+ kret = krb5_copy_creds(context, creds, &creds_noflags);
+ if (kret == 0) {
+ creds_noflags->ticket_flags = 0;
+ creds_noflags->keyblock.enctype = 0;
- GetMSCacheTicketFromMITCred(data->LogonHandle, data->PackageId, context, creds_noflags, &msticket2);
- krb5_free_creds(context, creds_noflags);
+ GetMSCacheTicketFromMITCred(data->LogonHandle, data->PackageId, context, creds_noflags, &msticket2);
+ krb5_free_creds(context, creds_noflags);
+ }
}
GetMSCacheTicketFromMITCred(data->LogonHandle, data->PackageId, context, creds, &msticket);
+2004-11-26 Ken Raeburn <raeburn@mit.edu>
+
+ * kt_file.c (krb5_ktfile_wresolve): Initialize mutex here too.
+
+2004-11-23 Ken Raeburn <raeburn@mit.edu>
+
+ * kt_file.c (struct _krb5_ktfile_data): Add mutex and buffer.
+ (KTFILEBUFP, KTLOCK, KTUNLOCK, KTCHECKLOCK): New macros.
+ (krb5_ktfile_resolve): Initialize mutex.
+ (krb5_ktfile_close): Zap data buffer before freeing.
+ (krb5_ktfile_get_entry, krb5_ktfile_start_seq_get,
+ krb5_ktfile_get_next, krb5_ktfile_end_get, krb5_ktfile_add,
+ krb5_ktfile_remove): Lock and unlock the mutex.
+ (krb5_ktfileint_open): Check that the mutex is locked. Set the
+ stdio buffer to the new buffer in the ktfile data.
+ (krb5_ktfileint_write_entry, krb5_ktfileint_find_slot): Check that
+ the mutex is locked. Don't call setbuf. Flush the stdio buffer
+ after writing.
+
+2004-11-23 Tom Yu <tlyu@mit.edu>
+
+ * kt_file.c (krb5_ktfileint_open): Update previous change by
+ explicitly setting errno=0 prior to calling fopen(). Also, return
+ EMFILE, not ENFILE, for compatibility with Solaris 8, which does
+ set errno when out of file descriptors.
+
+2004-11-19 Tom Yu <tlyu@mit.edu>
+
+ * kt_file.c (krb5_ktfileint_open): Patch from Roland Dowdeswell to
+ return ENFILE when fopen() returns NULL but doesn't set errno.
+
2004-06-22 Ken Raeburn <raeburn@mit.edu>
* kt_file.c (krb5_ktf_keytab_externalize,
typedef struct _krb5_ktfile_data {
char *name; /* Name of the file */
FILE *openf; /* open file, if any. */
+ char iobuf[BUFSIZ]; /* so we can zap it later */
int version; /* Version number of keytab */
+ k5_mutex_t lock; /* Protect openf, version */
} krb5_ktfile_data;
/*
#define KTPRIVATE(id) ((krb5_ktfile_data *)(id)->data)
#define KTFILENAME(id) (((krb5_ktfile_data *)(id)->data)->name)
#define KTFILEP(id) (((krb5_ktfile_data *)(id)->data)->openf)
+#define KTFILEBUFP(id) (((krb5_ktfile_data *)(id)->data)->iobuf)
#define KTVERSION(id) (((krb5_ktfile_data *)(id)->data)->version)
+#define KTLOCK(id) k5_mutex_lock(&((krb5_ktfile_data *)(id)->data)->lock)
+#define KTUNLOCK(id) k5_mutex_unlock(&((krb5_ktfile_data *)(id)->data)->lock)
+#define KTCHECKLOCK(id) k5_mutex_assert_locked(&((krb5_ktfile_data *)(id)->data)->lock)
extern const struct _krb5_kt_ops krb5_ktf_ops;
extern const struct _krb5_kt_ops krb5_ktf_writable_ops;
krb5_ktfile_resolve(krb5_context context, const char *name, krb5_keytab *id)
{
krb5_ktfile_data *data;
+ krb5_error_code err;
if ((*id = (krb5_keytab) malloc(sizeof(**id))) == NULL)
return(ENOMEM);
return(ENOMEM);
}
+ err = k5_mutex_init(&data->lock);
+ if (err) {
+ krb5_xfree(*id);
+ return err;
+ }
+
if ((data->name = (char *)calloc(strlen(name) + 1, sizeof(char))) == NULL) {
+ k5_mutex_destroy(&data->lock);
krb5_xfree(data);
krb5_xfree(*id);
return(ENOMEM);
*/
{
krb5_xfree(KTFILENAME(id));
+ zap(KTFILEBUFP(id), BUFSIZ);
+ k5_mutex_destroy(&((krb5_ktfile_data *)id->data)->lock);
krb5_xfree(id->data);
id->ops = 0;
krb5_xfree(id);
*/
krb5_error_code KRB5_CALLCONV
-krb5_ktfile_get_entry(krb5_context context, krb5_keytab id, krb5_const_principal principal, krb5_kvno kvno, krb5_enctype enctype, krb5_keytab_entry *entry)
+krb5_ktfile_get_entry(krb5_context context, krb5_keytab id,
+ krb5_const_principal principal, krb5_kvno kvno,
+ krb5_enctype enctype, krb5_keytab_entry *entry)
{
krb5_keytab_entry cur_entry, new_entry;
krb5_error_code kerror = 0;
krb5_boolean similar;
int kvno_offset = 0;
+ kerror = KTLOCK(id);
+ if (kerror)
+ return kerror;
+
/* Open the keyfile for reading */
- if ((kerror = krb5_ktfileint_openr(context, id)))
+ if ((kerror = krb5_ktfileint_openr(context, id))) {
+ KTUNLOCK(id);
return(kerror);
+ }
/*
* For efficiency and simplicity, we'll use a while true that
}
if (kerror) {
(void) krb5_ktfileint_close(context, id);
+ KTUNLOCK(id);
krb5_kt_free_entry(context, &cur_entry);
return kerror;
}
if ((kerror = krb5_ktfileint_close(context, id)) != 0) {
+ KTUNLOCK(id);
krb5_kt_free_entry(context, &cur_entry);
return kerror;
}
+ KTUNLOCK(id);
*entry = cur_entry;
return 0;
}
krb5_error_code retval;
long *fileoff;
- if ((retval = krb5_ktfileint_openr(context, id)))
+ retval = KTLOCK(id);
+ if (retval)
return retval;
+ if ((retval = krb5_ktfileint_openr(context, id))) {
+ KTUNLOCK(id);
+ return retval;
+ }
+
if (!(fileoff = (long *)malloc(sizeof(*fileoff)))) {
krb5_ktfileint_close(context, id);
+ KTUNLOCK(id);
return ENOMEM;
}
*fileoff = ftell(KTFILEP(id));
*cursorp = (krb5_kt_cursor)fileoff;
+ KTUNLOCK(id);
return 0;
}
krb5_keytab_entry cur_entry;
krb5_error_code kerror;
- if (fseek(KTFILEP(id), *fileoff, 0) == -1)
+ kerror = KTLOCK(id);
+ if (kerror)
+ return kerror;
+ if (fseek(KTFILEP(id), *fileoff, 0) == -1) {
+ KTUNLOCK(id);
return KRB5_KT_END;
- if ((kerror = krb5_ktfileint_read_entry(context, id, &cur_entry)))
+ }
+ if ((kerror = krb5_ktfileint_read_entry(context, id, &cur_entry))) {
+ KTUNLOCK(id);
return kerror;
+ }
*fileoff = ftell(KTFILEP(id));
*entry = cur_entry;
+ KTUNLOCK(id);
return 0;
}
krb5_error_code KRB5_CALLCONV
krb5_ktfile_end_get(krb5_context context, krb5_keytab id, krb5_kt_cursor *cursor)
{
+ krb5_error_code kerror;
+
krb5_xfree(*cursor);
- return krb5_ktfileint_close(context, id);
+ KTLOCK(id);
+ kerror = krb5_ktfileint_close(context, id);
+ KTUNLOCK(id);
+ return kerror;
}
/*
krb5_ktfile_wresolve(krb5_context context, const char *name, krb5_keytab *id)
{
krb5_ktfile_data *data;
+ krb5_error_code err;
if ((*id = (krb5_keytab) malloc(sizeof(**id))) == NULL)
return(ENOMEM);
return(ENOMEM);
}
+ err = k5_mutex_init(&data->lock);
+ if (err) {
+ krb5_xfree(*id);
+ return err;
+ }
+
if ((data->name = (char *)calloc(strlen(name) + 1, sizeof(char))) == NULL) {
+ k5_mutex_destroy(&data->lock);
krb5_xfree(data);
krb5_xfree(*id);
return(ENOMEM);
{
krb5_error_code retval;
- if ((retval = krb5_ktfileint_openw(context, id)))
+ retval = KTLOCK(id);
+ if (retval)
return retval;
- if (fseek(KTFILEP(id), 0, 2) == -1)
+ if ((retval = krb5_ktfileint_openw(context, id))) {
+ KTUNLOCK(id);
+ return retval;
+ }
+ if (fseek(KTFILEP(id), 0, 2) == -1) {
+ KTUNLOCK(id);
return KRB5_KT_END;
+ }
retval = krb5_ktfileint_write_entry(context, id, entry);
krb5_ktfileint_close(context, id);
+ KTUNLOCK(id);
return retval;
}
krb5_error_code kerror;
krb5_int32 delete_point;
+ kerror = KTLOCK(id);
+ if (kerror)
+ return kerror;
+
if ((kerror = krb5_ktfileint_openw(context, id))) {
+ KTUNLOCK(id);
return kerror;
}
if (kerror) {
(void) krb5_ktfileint_close(context, id);
+ KTUNLOCK(id);
return kerror;
}
} else {
kerror = krb5_ktfileint_close(context, id);
}
-
+ KTUNLOCK(id);
return kerror;
}
krb5_kt_vno kt_vno;
int writevno = 0;
+ KTCHECKLOCK(id);
+ errno = 0;
KTFILEP(id) = fopen(KTFILENAME(id),
(mode == KRB5_LOCKMODE_EXCLUSIVE) ?
fopen_mode_rbplus : fopen_mode_rb);
if ((mode == KRB5_LOCKMODE_EXCLUSIVE) && (errno == ENOENT)) {
/* try making it first time around */
krb5_create_secure_file(context, KTFILENAME(id));
+ errno = 0;
KTFILEP(id) = fopen(KTFILENAME(id), fopen_mode_rbplus);
if (!KTFILEP(id))
- return errno;
+ return errno ? errno : EMFILE;
writevno = 1;
} else /* some other error */
- return errno;
+ return errno ? errno : EMFILE;
}
if ((kerror = krb5_lock_file(context, fileno(KTFILEP(id)), mode))) {
(void) fclose(KTFILEP(id));
return kerror;
}
/* assume ANSI or BSD-style stdio */
- setbuf(KTFILEP(id), NULL);
+ setbuf(KTFILEP(id), KTFILEBUFP(id));
/* get the vno and verify it */
if (writevno) {
{
krb5_error_code kerror;
+ KTCHECKLOCK(id);
if (!KTFILEP(id))
return 0;
kerror = krb5_unlock_file(context, fileno(KTFILEP(id)));
krb5_int32 len;
char iobuf[BUFSIZ];
+ KTCHECKLOCK(id);
if (fseek(KTFILEP(id), delete_point, SEEK_SET)) {
return errno;
}
char *tmpdata;
krb5_data *princ;
+ KTCHECKLOCK(id);
memset(ret_entry, 0, sizeof(krb5_keytab_entry));
ret_entry->magic = KV5M_KEYTAB_ENTRY;
krb5_int32 size_needed;
krb5_int32 commit_point;
int i;
- char iobuf[BUFSIZ];
+ KTCHECKLOCK(id);
retval = krb5_ktfileint_size_entry(context, entry, &size_needed);
if (retval)
return retval;
if (retval)
return retval;
- setbuf(KTFILEP(id), iobuf);
-
/* fseek to synchronise buffered I/O on the key table. */
-
+ /* XXX Without the weird setbuf crock, can we get rid of this now? */
if (fseek(KTFILEP(id), 0L, SEEK_CUR) < 0)
{
return errno;
if (!xfwrite(&count, sizeof(count), 1, KTFILEP(id))) {
abend:
- setbuf(KTFILEP(id), 0);
return KRB5_KT_IOERR;
}
size = krb5_princ_realm(context, entry->principal)->length;
}
if (!xfwrite(entry->key.contents, sizeof(krb5_octet),
entry->key.length, KTFILEP(id))) {
- memset(iobuf, 0, sizeof(iobuf));
- setbuf(KTFILEP(id), 0);
- return KRB5_KT_IOERR;
+ goto abend;
}
+ if (fflush(KTFILEP(id)))
+ goto abend;
+
retval = krb5_sync_disk_file(context, KTFILEP(id));
- (void) memset(iobuf, 0, sizeof(iobuf));
- setbuf(KTFILEP(id), 0);
if (retval) {
return retval;
if (!xfwrite(&size_needed, sizeof(size_needed), 1, KTFILEP(id))) {
goto abend;
}
+ if (fflush(KTFILEP(id)))
+ goto abend;
retval = krb5_sync_disk_file(context, KTFILEP(id));
return retval;
krb5_boolean found = FALSE;
char iobuf[BUFSIZ];
+ KTCHECKLOCK(id);
/*
* Skip over file version number
*/
/*
* Hit the end of file, reserve this slot.
*/
- setbuf(KTFILEP(id), 0);
size = 0;
/* fseek to synchronise buffered I/O on the key table. */
-
+ /* XXX Without the weird setbuf hack, can we nuke this now? */
if (fseek(KTFILEP(id), 0L, SEEK_CUR) < 0)
{
return errno;
* Make sure we zero any trailing data.
*/
zero_point = ftell(KTFILEP(id));
- setbuf(KTFILEP(id), iobuf);
while ((size = xfread(iobuf, 1, sizeof(iobuf), KTFILEP(id)))) {
if (size != sizeof(iobuf)) {
remainder = size % sizeof(krb5_int32);
memset(iobuf, 0, (size_t) size);
xfwrite(iobuf, 1, (size_t) size, KTFILEP(id));
+ fflush(KTFILEP(id));
if (feof(KTFILEP(id))) {
break;
}
}
}
- setbuf(KTFILEP(id), 0);
if (fseek(KTFILEP(id), zero_point, SEEK_SET)) {
return errno;
}
+2005-01-17 Jeffrey Altman <jaltman@mit.edu>
+ * unparse.c: krb5_unparse_name, krb5_unparse_name_ext()
+ prevent null pointer dereferencing if either 'name' or 'size'
+ are NULL.
+
+2005-01-15 Jeffrey Altman <jaltman@mit.edu>
+
+ * cp_key_cnt.c, copy_princ.c:
+ prevent krb5_copy_principal() and krb5_copy_keyblock() from
+ calling malloc(0). On platforms in which malloc(0) returns
+ NULL, these functions will return an ENOMEM error the way
+ they were written.
+
+2005-01-03 Ken Raeburn <raeburn@mit.edu>
+
+ * parse.c (krb5_parse_name): Don't cache the default realm name.
+
2004-10-26 Tom Yu <tlyu@mit.edu>
* mk_req_ext.c (krb5_mk_req_extended): Free keyblock before
for (i = 0; i < nelems; i++) {
unsigned int len = krb5_princ_component(context, inprinc, i)->length;
krb5_princ_component(context, tempprinc, i)->length = len;
- if (((krb5_princ_component(context, tempprinc, i)->data =
- malloc(len)) == 0) && len) {
- while (--i >= 0)
- free(krb5_princ_component(context, tempprinc, i)->data);
- free (tempprinc->data);
- free (tempprinc);
- return ENOMEM;
- }
- if (len)
+ if (len) {
+ if (((krb5_princ_component(context, tempprinc, i)->data =
+ malloc(len)) == 0)) {
+ while (--i >= 0)
+ free(krb5_princ_component(context, tempprinc, i)->data);
+ free (tempprinc->data);
+ free (tempprinc);
+ return ENOMEM;
+ }
memcpy(krb5_princ_component(context, tempprinc, i)->data,
krb5_princ_component(context, inprinc, i)->data, len);
+ } else
+ krb5_princ_component(context, tempprinc, i)->data = 0;
}
- tempprinc->realm.data =
+ if (tempprinc->realm.length) {
+ tempprinc->realm.data =
malloc(tempprinc->realm.length = inprinc->realm.length);
- if (!tempprinc->realm.data && tempprinc->realm.length) {
+ if (!tempprinc->realm.data) {
for (i = 0; i < nelems; i++)
- free(krb5_princ_component(context, tempprinc, i)->data);
+ free(krb5_princ_component(context, tempprinc, i)->data);
free(tempprinc->data);
free(tempprinc);
return ENOMEM;
- }
- if (tempprinc->realm.length)
+ }
memcpy(tempprinc->realm.data, inprinc->realm.data,
inprinc->realm.length);
-
+ } else
+ tempprinc->realm.data = 0;
+
*outprinc = tempprinc;
return 0;
}
krb5_copy_keyblock_contents(krb5_context context, const krb5_keyblock *from, krb5_keyblock *to)
{
*to = *from;
- to->contents = (krb5_octet *)malloc(to->length);
- if (!to->contents)
- return ENOMEM;
- memcpy((char *)to->contents, (char *)from->contents, to->length);
+ if (to->length) {
+ to->contents = (krb5_octet *)malloc(to->length);
+ if (!to->contents)
+ return ENOMEM;
+ memcpy((char *)to->contents, (char *)from->contents, to->length);
+ } else
+ to->contents = 0;
return 0;
}
const char *parsed_realm = NULL;
int fcompsize[FCOMPNUM];
unsigned int realmsize = 0;
- static char *default_realm = NULL;
- static int default_realm_size = 0;
+ char *default_realm = NULL;
+ int default_realm_size = 0;
char *tmpdata;
krb5_principal principal;
krb5_error_code retval;
if (tmpdata == 0) {
krb5_xfree(principal->data);
krb5_xfree(principal);
+ krb5_xfree(default_realm);
return ENOMEM;
}
krb5_princ_set_realm_length(context, principal, realmsize);
krb5_xfree(krb5_princ_realm(context, principal)->data);
krb5_xfree(principal->data);
krb5_xfree(principal);
+ krb5_xfree(default_realm);
return(ENOMEM);
}
krb5_princ_component(context, principal, i)->data = tmpdata2;
principal->magic = KV5M_PRINCIPAL;
principal->realm.magic = KV5M_DATA;
*nprincipal = principal;
+ krb5_xfree(default_realm);
return(0);
}
*
* krb5_unparse_name() routine
*
- * Rewritten by Theodore Ts'o to propoerly unparse principal names
+ * Rewritten by Theodore Ts'o to properly unparse principal names
* which have the component or realm separator as part of one of their
* components.
*/
krb5_int32 nelem;
register unsigned int totalsize = 0;
- if (!principal)
+ if (!principal || !name)
return KRB5_PARSE_MALFORMED;
cp = krb5_princ_realm(context, principal)->data;
* We need only n-1 seperators for n components, but we need
* an extra byte for the NULL at the end.
*/
- if (*name) {
- if (*size < (totalsize)) {
- *size = totalsize;
- *name = realloc(*name, totalsize);
- }
- } else {
- *name = malloc(totalsize);
- if (size)
- *size = totalsize;
- }
-
+ if (size) {
+ if (*name && (*size < totalsize)) {
+ *name = realloc(*name, totalsize);
+ } else {
+ *name = malloc(totalsize);
+ }
+ *size = totalsize;
+ } else {
+ *name = malloc(totalsize);
+ }
+
if (!*name)
return ENOMEM;
krb5_error_code KRB5_CALLCONV
krb5_unparse_name(krb5_context context, krb5_const_principal principal, register char **name)
{
- *name = NULL;
+ if (name) /* name == NULL will return error from _ext */
+ *name = NULL;
return(krb5_unparse_name_ext(context, principal, name, NULL));
}
krb5_init_secure_context
krb5_internalize_opaque
krb5_is_permitted_enctype
+krb5_is_thread_safe
krb5_kdc_rep_decrypt_proc
krb5_kt_add_entry
krb5_kt_close
+2005-01-12 Tom Yu <tlyu@mit.edu>
+
+ * dnsglue.c (krb5int_dns_fini): Reorder to make more correct.
+ (krb5int_dns_init): Rework error handling. Call res_ndestroy() or
+ res_nclose() as appropriate to avoid leaking resources allocated
+ by res_ninit().
+
+2005-01-03 Jeffrey Altman <jaltman@mit.edu>
+
+ * thread_safe.c: (new file) krb5_is_thread_safe()
+
+2004-12-08 Ken Raeburn <raeburn@mit.edu>
+
+ * accessor.c (krb5int_accessor): Set new field use_dns_kdc.
+
+2004-12-06 Tom Yu <tlyu@mit.edu>
+
+ * locate_kdc.c (krb5_locate_srv_dns_1): Don't compile if
+ KRB5_DNS_LOOKUP is not defined.
+
+2004-11-19 Ken Raeburn <raeburn@mit.edu>
+
+ * locate_kdc.c (krb5int_add_host_to_list): If debugging, log the
+ requested family and socket type. If AI_NUMERICSERV is defined,
+ set it in ai_flags. If getaddrinfo returns an error with
+ debugging enabled, log the error.
+ (krb5_locate_srv_conf_1): When logging an error from
+ add_host_to_list, include the corresponding error string.
+
+ * t_locate_kdc.c: Include port-sockets.h, instead of sys/socket.h,
+ netdb.h, netinet/in.h, and arpa/inet.h.
+ * Makefile.in ($(OUTPRE)t_locate_kdc.exe): New target.
+
2004-10-20 Ken Raeburn <raeburn@mit.edu>
* locate_kdc.c: Include stdarg.h.
send524.o \
sendto_kdc.o \
sn2princ.o \
+ thread_safe.o \
timeofday.o \
toffset.o \
unlck_file.o \
$(OUTPRE)send524.$(OBJEXT) \
$(OUTPRE)sendto_kdc.$(OBJEXT) \
$(OUTPRE)sn2princ.$(OBJEXT) \
+ $(OUTPRE)thread_safe.$(OBJEXT) \
$(OUTPRE)timeofday.$(OBJEXT) \
$(OUTPRE)toffset.$(OBJEXT) \
$(OUTPRE)unlck_file.$(OBJEXT) \
$(srcdir)/send524.c \
$(srcdir)/sendto_kdc.c \
$(srcdir)/sn2princ.c \
+ $(srcdir)/thread_safe.c \
$(srcdir)/timeofday.c \
$(srcdir)/toffset.c \
$(srcdir)/unlck_file.c \
$(CC_LINK) $(ALL_CFLAGS) -o t_locate_kdc t_locate_kdc.o \
$(KRB5_BASE_LIBS)
t_locate_kdc.o: t_locate_kdc.c locate_kdc.c
+$(OUTPRE)t_locate_kdc.exe: $(OUTPRE)t_locate_kdc.obj \
+ $(OUTPRE)dnssrv.obj $(OUTPRE)dnsglue.obj \
+ $(KLIB) $(PLIB) $(CLIB) $(SLIB)
+ link $(EXE_LINKOPTS) -out:$@ $** ws2_32.lib $(DNSLIBS)
LCLINT=lclint
LCLINTOPTS= -warnposix \
$(BUILDTOP)/include/krb5.h $(COM_ERR_DEPS) $(BUILDTOP)/include/profile.h \
$(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
$(SRCTOP)/include/krb5/kdb.h $(SRCTOP)/include/fake-addrinfo.h
+thread_safe.so thread_safe.po $(OUTPRE)thread_safe.$(OBJEXT): thread_safe.c $(SRCTOP)/include/k5-int.h \
+ $(BUILDTOP)/include/krb5/osconf.h $(BUILDTOP)/include/krb5/autoconf.h \
+ $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-thread.h \
+ $(BUILDTOP)/include/krb5.h $(COM_ERR_DEPS) $(BUILDTOP)/include/profile.h \
+ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \
+ $(SRCTOP)/include/krb5/kdb.h
timeofday.so timeofday.po $(OUTPRE)timeofday.$(OBJEXT): timeofday.c $(SRCTOP)/include/k5-int.h \
$(BUILDTOP)/include/krb5/osconf.h $(BUILDTOP)/include/krb5/autoconf.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-thread.h \
t_an_to_ln.so t_an_to_ln.po $(OUTPRE)t_an_to_ln.$(OBJEXT): t_an_to_ln.c $(BUILDTOP)/include/krb5.h \
$(COM_ERR_DEPS)
t_gifconf.so t_gifconf.po $(OUTPRE)t_gifconf.$(OBJEXT): t_gifconf.c
-t_locate_kdc.so t_locate_kdc.po $(OUTPRE)t_locate_kdc.$(OBJEXT): t_locate_kdc.c $(COM_ERR_DEPS) \
- locate_kdc.c $(SRCTOP)/include/fake-addrinfo.h $(SRCTOP)/include/port-sockets.h \
- $(BUILDTOP)/include/krb5/autoconf.h $(SRCTOP)/include/socket-utils.h \
+t_locate_kdc.so t_locate_kdc.po $(OUTPRE)t_locate_kdc.$(OBJEXT): t_locate_kdc.c $(SRCTOP)/include/port-sockets.h \
+ $(BUILDTOP)/include/krb5/autoconf.h $(COM_ERR_DEPS) \
+ locate_kdc.c $(SRCTOP)/include/fake-addrinfo.h $(SRCTOP)/include/socket-utils.h \
$(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-thread.h \
$(SRCTOP)/include/k5-int.h $(BUILDTOP)/include/krb5/osconf.h \
$(BUILDTOP)/include/krb5.h $(BUILDTOP)/include/profile.h \
#ifdef KRB5_DNS_LOOKUP
internals_temp.make_srv_query_realm = krb5int_make_srv_query_realm;
internals_temp.free_srv_dns_data = krb5int_free_srv_dns_data;
+ internals_temp.use_dns_kdc = _krb5_use_dns_kdc;
#else
internals_temp.make_srv_query_realm = 0;
internals_temp.free_srv_dns_data = 0;
+ internals_temp.use_dns_kdc = 0;
#endif
#ifdef KRB5_KRB4_COMPAT
internals_temp.krb_life_to_time = krb5int_krb_life_to_time;
struct __res_state statbuf;
#endif
struct krb5int_dns_state *ds;
- int len;
+ int len, ret;
size_t nextincr, maxincr;
unsigned char *p;
if (ds == NULL)
return -1;
+ ret = -1;
ds->nclass = nclass;
ds->ntype = ntype;
ds->ansp = NULL;
#endif
#if HAVE_RES_NSEARCH
- len = res_ninit(&statbuf);
- if (len < 0)
+ ret = res_ninit(&statbuf);
+ if (ret < 0)
return -1;
#endif
? malloc(nextincr) : realloc(ds->ansp, nextincr);
if (p == NULL && ds->ansp != NULL) {
- free(ds->ansp);
- return -1;
+ ret = -1;
+ goto errout;
}
ds->ansp = p;
ds->ansmax = nextincr;
len = res_search(host, ds->nclass, ds->ntype,
ds->ansp, ds->ansmax);
#endif
- if (len > maxincr)
- return -1;
+ if (len > maxincr) {
+ ret = -1;
+ goto errout;
+ }
while (nextincr < len)
nextincr *= 2;
if (len < 0 || nextincr > maxincr) {
- free(ds->ansp);
- return -1;
+ ret = -1;
+ goto errout;
}
} while (len > ds->ansmax);
ds->anslen = len;
#if HAVE_NS_INITPARSE
- len = ns_initparse(ds->ansp, ds->anslen, &ds->msg);
+ ret = ns_initparse(ds->ansp, ds->anslen, &ds->msg);
#else
- len = initparse(ds);
+ ret = initparse(ds);
#endif
- if (len < 0) {
- free(ds->ansp);
- return -1;
+ if (ret < 0)
+ goto errout;
+
+ ret = 0;
+
+errout:
+#if HAVE_RES_NSEARCH
+#if HAVE_RES_NDESTROY
+ res_ndestroy(&statbuf);
+#else
+ res_nclose(&statbuf);
+#endif
+#endif
+ if (ret < 0) {
+ if (ds->ansp != NULL) {
+ free(ds->ansp);
+ ds->ansp = NULL;
+ }
}
- return 0;
+ return ret;
}
#if HAVE_NS_INITPARSE
void
krb5int_dns_fini(struct krb5int_dns_state *ds)
{
+ if (ds == NULL)
+ return;
if (ds->ansp != NULL)
free(ds->ansp);
- if (ds != NULL)
- free(ds);
+ free(ds);
}
/*
int err;
char portbuf[10], secportbuf[10];
- Tprintf ("adding hostname %s, ports %d,%d\n", hostname,
- ntohs (port), ntohs (secport));
+ Tprintf ("adding hostname %s, ports %d,%d, family %d, socktype %d\n",
+ hostname, ntohs (port), ntohs (secport),
+ family, socktype);
memset(&hint, 0, sizeof(hint));
hint.ai_family = family;
hint.ai_socktype = socktype;
+#ifdef AI_NUMERICSERV
+ hint.ai_flags = AI_NUMERICSERV;
+#endif
sprintf(portbuf, "%d", ntohs(port));
sprintf(secportbuf, "%d", ntohs(secport));
err = getaddrinfo (hostname, portbuf, &hint, &addrs);
- if (err)
+ if (err) {
+ Tprintf ("\tgetaddrinfo(\"%s\", \"%s\", ...)\n\treturns %d: %s\n",
+ hostname, portbuf, err, gai_strerror (err));
return translate_ai_error (err);
+ }
anext = 0;
for (a = addrs; a != 0 && err == 0; a = anext) {
anext = a->ai_next;
SOCK_STREAM, family);
}
if (code) {
- Tprintf ("error %d returned from add_host_to_list\n", code);
+ Tprintf ("error %d (%s) returned from add_host_to_list\n", code,
+ error_message (code));
if (hostlist)
profile_free_list (hostlist);
if (masterlist)
}
#endif
+#ifdef KRB5_DNS_LOOKUP
static krb5_error_code
krb5_locate_srv_dns_1 (const krb5_data *realm,
const char *service,
(strcmp("_tcp", protocol)
? SOCK_DGRAM
: SOCK_STREAM), family);
- if (code)
+ if (code) {
break;
+ }
if (entry == head) {
free(entry->host);
free(entry);
krb5int_free_srv_dns_data(head);
return code;
}
+#endif
/*
* Wrapper function for the two backends
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
-#include <sys/socket.h>
-#include <netdb.h>
-#include <netinet/in.h>
-#include <arpa/inet.h>
-
+#include "port-sockets.h"
#include <com_err.h>
#define TEST
--- /dev/null
+/*
+ * lib/krb5/os/thread_safec
+ *
+ * Copyright 2005 by the Massachusetts Institute of Technology.
+ * All Rights Reserved.
+ *
+ * Export of this software from the United States of America may
+ * require a specific license from the United States Government.
+ * It is the responsibility of any person or organization contemplating
+ * export to obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission. Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose. It is provided "as is" without express
+ * or implied warranty.
+ *
+ *
+ * krb5_is_thread_safe() function.
+ */
+
+#include "k5-int.h"
+
+krb5_boolean KRB5_CALLCONV
+krb5_is_thread_safe(void)
+{
+#if defined(ENABLE_THREADS)
+ return 1;
+#else
+ return 0;
+#endif
+}
+2005-01-15 Jeffrey Altman <jaltman@mit.edu>
+
+ * rc_dfl.c: Move the extraction of the struct dfl_data
+ from the krb5_rcache after obtaining the lock, not before.
+
2004-08-03 Ken Raeburn <raeburn@mit.edu>
* rc-int.h (struct _krb5_rc_ops): Add new member,
krb5_error_code err;
struct dfl_data *t;
- t = (struct dfl_data *) id->data;
err = k5_mutex_lock(&id->lock);
if (err)
return err;
+ t = (struct dfl_data *) id->data;
*lifespan = t->lifespan;
k5_mutex_unlock(&id->lock);
return 0;
krb5_rc_dfl_recover_or_init(krb5_context context, krb5_rcache id,
krb5_deltat lifespan)
{
- struct dfl_data *t = (struct dfl_data *)id->data;
krb5_error_code retval;
retval = k5_mutex_lock(&id->lock);
krb5_rc_dfl_store(krb5_context context, krb5_rcache id, krb5_donot_replay *rep)
{
krb5_error_code ret;
- struct dfl_data *t = (struct dfl_data *)id->data;
+ struct dfl_data *t;
krb5_int32 now;
ret = krb5_timeofday(context, &now);
case 0: break;
default: /* wtf? */ ;
}
+ t = (struct dfl_data *)id->data;
#ifndef NOIOSTUFF
ret = krb5_rc_io_store(context, t, rep);
if (ret) {
krb5_init_keyblock
krb5_init_random_key
krb5_init_secure_context
+ krb5_is_thread_safe
krb5_kt_add_entry
krb5_kt_close
krb5_kt_default
krb5_os_localaddr
krb5_parse_name
krb5_principal_compare
- krb5_principal2salt
+ krb5_principal2salt ; KRB5_CALLCONV_WRONG
krb5_process_key
krb5_prompter_posix
krb5_random_key
krb5_sendauth
krb5_set_default_realm
krb5_set_default_tgs_enctypes
-krb5_set_password
-krb5_set_password_using_ccache
+ krb5_set_password
+ krb5_set_password_using_ccache
krb5_set_principal_realm
krb5_set_real_time
krb5_sname_to_principal
+2005-01-14 Tom Yu <tlyu@mit.edu>
+
+ * xdr.c (xdr_bytes): Revert previous; the problem was actually in
+ xdr_rpc_gss_buf.
+
+ * authgss_prot.c (xdr_rpc_gss_wrap_data): Use xdr_alloc to avoid
+ size limit issues. Use (unsigned int)-1 instead of MAX_NETOBJ_SZ.
+ (xdr_rpc_gss_unwrap_data): Use (unsigned int)-1 instead of
+ MAX_NETOBJ_SZ.
+ (xdr_rpc_gss_buf): Set tmplen even if doing XDR_FREE.
+
+ * xdr.c (xdr_bytes): Don't assign from *sizep if XDR_FREE, since
+ it'll be uninitialized then. Shuts up Purify.
+
+2004-11-18 Tom Yu <tlyu@mit.edu>
+
+ * Makefile.in (install-unix): Install into KRB5_INCDIR/gssrpc,
+ rather than just KRB5_INCDIR.
+
2004-10-25 Tom Yu <tlyu@mit.edu>
* auth_gss.c (authgss_get_private_data): New function.
install-unix::
for i in $(SRC_HDRS); do \
- (set -x; $(INSTALL_DATA) $(srcdir)/$$i $(DESTDIR)$(KRB5_INCDIR)$(S)$$i) ; \
+ (set -x; $(INSTALL_DATA) $(srcdir)/$$i $(DESTDIR)$(KRB5_INCDIR)$(S)gssrpc$(S)$$i) ; \
done
for i in $(BUILD_HDRS); do \
- (set -x; $(INSTALL_DATA) $$i $(DESTDIR)$(KRB5_INCDIR)$(S)$$i) ; \
+ (set -x; $(INSTALL_DATA) $$i $(DESTDIR)$(KRB5_INCDIR)$(S)gssrpc$(S)$$i) ; \
done
BUILD_HDRS = types.h
bool_t xdr_stat;
u_int tmplen;
- if (xdrs->x_op == XDR_ENCODE) {
+ if (xdrs->x_op != XDR_DECODE) {
if (buf->length > UINT_MAX)
return (FALSE);
else
gss_ctx_id_t ctx, gss_qop_t qop,
rpc_gss_svc_t svc, uint32_t seq)
{
+ XDR tmpxdrs;
gss_buffer_desc databuf, wrapbuf;
OM_uint32 maj_stat, min_stat;
- u_int start, end;
int conf_state;
bool_t xdr_stat;
- u_int tmplen;
- /* Skip databody length. */
- start = XDR_GETPOS(xdrs);
- if (start > UINT_MAX - 4)
- return (FALSE);
- XDR_SETPOS(xdrs, start + 4);
+ xdralloc_create(&tmpxdrs, XDR_ENCODE);
+
+ xdr_stat = FALSE;
/* Marshal rpc_gss_data_t (sequence number + arguments). */
- if (!xdr_u_int32(xdrs, &seq) || !(*xdr_func)(xdrs, xdr_ptr))
- return (FALSE);
- end = XDR_GETPOS(xdrs);
- if (end < start + 4)
- return (FALSE);
+ if (!xdr_u_int32(&tmpxdrs, &seq) || !(*xdr_func)(&tmpxdrs, xdr_ptr))
+ goto errout;
/* Set databuf to marshalled rpc_gss_data_t. */
- databuf.length = end - start - 4;
- XDR_SETPOS(xdrs, start + 4);
- databuf.value = XDR_INLINE(xdrs, (int)databuf.length);
+ databuf.length = xdr_getpos(&tmpxdrs);
+ databuf.value = xdralloc_getdata(&tmpxdrs);
- xdr_stat = FALSE;
-
if (svc == RPCSEC_GSS_SVC_INTEGRITY) {
- /* Marshal databody_integ length. */
- XDR_SETPOS(xdrs, start);
- if (databuf.length > UINT_MAX)
- return (FALSE);
- else
- tmplen = databuf.length;
+ if (!xdr_rpc_gss_buf(xdrs, &databuf, (unsigned int)-1))
+ goto errout;
- if (!xdr_u_int(xdrs, &tmplen))
- return (FALSE);
-
/* Checksum rpc_gss_data_t. */
maj_stat = gss_get_mic(&min_stat, ctx, qop,
&databuf, &wrapbuf);
if (maj_stat != GSS_S_COMPLETE) {
log_debug("gss_get_mic failed");
- return (FALSE);
+ goto errout;
}
/* Marshal checksum. */
- XDR_SETPOS(xdrs, end);
- xdr_stat = xdr_rpc_gss_buf(xdrs, &wrapbuf, MAX_NETOBJ_SZ);
+ xdr_stat = xdr_rpc_gss_buf(xdrs, &wrapbuf, (unsigned int)-1);
gss_release_buffer(&min_stat, &wrapbuf);
}
else if (svc == RPCSEC_GSS_SVC_PRIVACY) {
&conf_state, &wrapbuf);
if (maj_stat != GSS_S_COMPLETE) {
log_status("gss_wrap", maj_stat, min_stat);
- return (FALSE);
+ goto errout;
}
/* Marshal databody_priv. */
- XDR_SETPOS(xdrs, start);
- xdr_stat = xdr_rpc_gss_buf(xdrs, &wrapbuf, MAX_NETOBJ_SZ);
+ xdr_stat = xdr_rpc_gss_buf(xdrs, &wrapbuf, (unsigned int)-1);
gss_release_buffer(&min_stat, &wrapbuf);
}
+errout:
+ xdr_destroy(&tmpxdrs);
return (xdr_stat);
}
if (svc == RPCSEC_GSS_SVC_INTEGRITY) {
/* Decode databody_integ. */
- if (!xdr_rpc_gss_buf(xdrs, &databuf, MAX_NETOBJ_SZ)) {
+ if (!xdr_rpc_gss_buf(xdrs, &databuf, (unsigned int)-1)) {
log_debug("xdr decode databody_integ failed");
return (FALSE);
}
/* Decode checksum. */
- if (!xdr_rpc_gss_buf(xdrs, &wrapbuf, MAX_NETOBJ_SZ)) {
+ if (!xdr_rpc_gss_buf(xdrs, &wrapbuf, (unsigned int)-1)) {
gss_release_buffer(&min_stat, &databuf);
log_debug("xdr decode checksum failed");
return (FALSE);
}
else if (svc == RPCSEC_GSS_SVC_PRIVACY) {
/* Decode databody_priv. */
- if (!xdr_rpc_gss_buf(xdrs, &wrapbuf, MAX_NETOBJ_SZ)) {
+ if (!xdr_rpc_gss_buf(xdrs, &wrapbuf, (unsigned int)-1)) {
log_debug("xdr decode databody_priv failed");
return (FALSE);
}
#
_GSS_KRB5_NT_PRINCIPAL_NAME
+
+#
+# GSS-API krb5 symbols from gssapi_krb5.h
+#
+
+_gss_mech_krb5
+_gss_mech_krb5_old
+_gss_mech_set_krb5
+_gss_mech_set_krb5_both
+_gss_mech_set_krb5_old
+
+_gss_nt_krb5_name
+_gss_nt_krb5_principal
+_krb5_gss_oid_array
refType = 4;
sourceTree = "<group>";
};
+ A14E78E90725B12A00A025E3 = {
+ fileRef = F517327003F1B65901120114;
+ isa = PBXBuildFile;
+ settings = {
+ };
+ };
A166BCC3040D36F8004AA618 = {
fileEncoding = 4;
isa = PBXFileReference;
DYLIB_CURRENT_VERSION = 1;
GCC_PRECOMPILE_PREFIX_HEADER = YES;
GCC_PREFIX_HEADER = ../Sources/mac/MacOSX/Headers/Kerberos5Prefix.h;
- HEADER_SEARCH_PATHS = "$(BUILT_PRODUCTS_DIR)/Kerberos5.intermediates/include";
+ HEADER_SEARCH_PATHS = "$(SRCROOT)/../Sources/lib/crypto/des $(SRCROOT)/../Sources/include $(SRCROOT)/../Sources/include/krb5 $(BUILT_PRODUCTS_DIR)/Kerberos5.intermediates/include $(BUILT_PRODUCTS_DIR)/Kerberos5.intermediates/include/krb5";
LIBRARY_STYLE = STATIC;
PRODUCT_NAME = KerberosDES;
REZ_EXECUTABLE = YES;
buildActionMask = 2147483647;
files = (
A1AB1DEF05DDC40100526345,
+ A14E78E90725B12A00A025E3,
);
isa = PBXHeadersBuildPhase;
runOnlyForDeploymentPostprocessing = 0;
DYLIB_CURRENT_VERSION = 1;
GCC_PRECOMPILE_PREFIX_HEADER = YES;
GCC_PREFIX_HEADER = ../Sources/mac/MacOSX/Headers/Kerberos5Prefix.h;
- HEADER_SEARCH_PATHS = "$(SRCROOT)/../../Common/Headers $(SRCROOT)/../../KerberosErrors/Headers/Kerberos $(BUILT_PRODUCTS_DIR)/Kerberos5.intermediates/include";
+ HEADER_SEARCH_PATHS = "$(SRCROOT)/../../Common/Headers $(SRCROOT)/../../KerberosErrors/Headers/Kerberos $(SRCROOT)/../Sources/include $(BUILT_PRODUCTS_DIR)/Kerberos5.intermediates/include $(BUILT_PRODUCTS_DIR)/Kerberos5.intermediates/include/krb5";
LIBRARY_STYLE = STATIC;
PRODUCT_NAME = KerberosProfile;
REZ_EXECUTABLE = YES;
DYLIB_CURRENT_VERSION = 1;
GCC_PRECOMPILE_PREFIX_HEADER = YES;
GCC_PREFIX_HEADER = ../Sources/mac/MacOSX/Headers/Kerberos5Prefix.h;
- HEADER_SEARCH_PATHS = "$(BUILT_PRODUCTS_DIR)/Kerberos5.intermediates $(BUILT_PRODUCTS_DIR)/Kerberos5.intermediates/include $(BUILT_PRODUCTS_DIR)/Kerberos5.intermediates/ErrorTables $(SRCROOT)/../../Common/Headers $(SRCROOT)/../../KerberosErrors/Headers $(SRCROOT)/../../KerberosDebug/Headers $(SRCROOT)/../../KerberosErrors/Headers/Kerberos $(SRCROOT)/../../CredentialsCache/Headers $(SRCROOT)/../../CredentialsCache/Headers/Kerberos $(SRCROOT)/../../KerberosLogin/Headers $(SRCROOT)/../../KerberosLogin/Headers/Kerberos";
+ HEADER_SEARCH_PATHS = "$(SRCROOT)/../Sources/include $(SRCROOT)/../Sources/include/krb5 $(SRCROOT)/../Sources/include/kerberosIV $(BUILT_PRODUCTS_DIR)/Kerberos5.intermediates $(BUILT_PRODUCTS_DIR)/Kerberos5.intermediates/include $(BUILT_PRODUCTS_DIR)/Kerberos5.intermediates/include/krb5 $(BUILT_PRODUCTS_DIR)/Kerberos5.intermediates/ErrorTables $(SRCROOT)/../../Common/Headers $(SRCROOT)/../../KerberosErrors/Headers $(SRCROOT)/../../KerberosDebug/Headers $(SRCROOT)/../../KerberosErrors/Headers/Kerberos $(SRCROOT)/../../CredentialsCache/Headers $(SRCROOT)/../../CredentialsCache/Headers/Kerberos $(SRCROOT)/../../KerberosLogin/Headers $(SRCROOT)/../../KerberosLogin/Headers/Kerberos";
LIBRARY_STYLE = STATIC;
PRODUCT_NAME = Kerberos4;
REZ_EXECUTABLE = YES;
DYLIB_CURRENT_VERSION = 1;
GCC_PRECOMPILE_PREFIX_HEADER = YES;
GCC_PREFIX_HEADER = ../Sources/mac/MacOSX/Headers/Kerberos5Prefix.h;
- HEADER_SEARCH_PATHS = "$(BUILT_PRODUCTS_DIR)/Kerberos5.intermediates $(BUILT_PRODUCTS_DIR)/Kerberos5.intermediates/include $(SRCROOT)/../Sources/include $(SRCROOT)/../../KerberosErrors/Headers $(SRCROOT)/../../KerberosErrors/Headers/Kerberos $(SRCROOT)/../../CredentialsCache/Headers $(SRCROOT)/../../CredentialsCache/Headers/Kerberos $(SRCROOT)/../../KerberosLogin/Headers $(SRCROOT)/../../KerberosLogin/Headers/Kerberos";
+ HEADER_SEARCH_PATHS = "$(SRCROOT)/../Sources/ $(SRCROOT)/../Sources/include $(SRCROOT)/../Sources/include/krb5 $(SRCROOT)/../Sources/lib/crypto/aes $(SRCROOT)/../Sources/lib/crypto $(SRCROOT)/../Sources/lib/crypto/arcfour $(SRCROOT)/../Sources/lib/crypto/enc_provider $(SRCROOT)/../Sources/lib/crypto/crc32 $(SRCROOT)/../Sources/lib/crypto/des $(SRCROOT)/../Sources/lib/crypto/dk $(SRCROOT)/../Sources/lib/crypto/hash_provider $(SRCROOT)/../Sources/lib/crypto/keyhash_provider $(SRCROOT)/../Sources/lib/crypto/md4 $(SRCROOT)/../Sources/lib/crypto/md5 $(SRCROOT)/../Sources/lib/crypto/old $(SRCROOT)/../Sources/lib/crypto/raw $(SRCROOT)/../Sources/lib/crypto/sha1 $(SRCROOT)/../Sources/lib/crypto/yarrow $(SRCROOT)/../Sources/lib/krb5/os $(SRCROOT)/../Sources/lib/krb5/keytab $(SRCROOT)/../Sources/lib/krb5/rcache $(SRCROOT)/../Sources/lib/krb5/ccache $(SRCROOT)/../Sources/lib/krb5/ccache/ccapi $(BUILT_PRODUCTS_DIR)/Kerberos5.intermediates $(BUILT_PRODUCTS_DIR)/Kerberos5.intermediates/include $(BUILT_PRODUCTS_DIR)/Kerberos5.intermediates/include/krb5 $(BUILT_PRODUCTS_DIR)/Kerberos5.intermediates/ErrorTables $(SRCROOT)/../Sources/include $(SRCROOT)/../../KerberosErrors/Headers $(SRCROOT)/../../KerberosErrors/Headers/Kerberos $(SRCROOT)/../../CredentialsCache/Headers $(SRCROOT)/../../CredentialsCache/Headers/Kerberos $(SRCROOT)/../../KerberosLogin/Headers $(SRCROOT)/../../KerberosLogin/Headers/Kerberos";
LIBRARY_STYLE = STATIC;
PRODUCT_NAME = Kerberos5;
REZ_EXECUTABLE = YES;
DYLIB_CURRENT_VERSION = 1;
GCC_PRECOMPILE_PREFIX_HEADER = YES;
GCC_PREFIX_HEADER = ../Sources/mac/MacOSX/Headers/Kerberos5Prefix.h;
- HEADER_SEARCH_PATHS = "$(BUILT_PRODUCTS_DIR)/Kerberos5.intermediates/include $(SRCROOT)/../../KerberosErrors/Headers $(SRCROOT)/../../KerberosErrors/Headers/Kerberos";
+ HEADER_SEARCH_PATHS = "$(SRCROOT)/../Sources/include $(SRCROOT)/../Sources/include/krb5 $(SRCROOT)/../Sources/lib/gssapi $(SRCROOT)/../Sources/lib/gssapi/krb5 $(SRCROOT)/../Sources/lib/gssapi/generic $(BUILT_PRODUCTS_DIR)/Kerberos5.intermediates/ErrorTables $(BUILT_PRODUCTS_DIR)/Kerberos5.intermediates/include $(BUILT_PRODUCTS_DIR)/Kerberos5.intermediates/include/krb5 $(BUILT_PRODUCTS_DIR)/Kerberos5.intermediates/include/gssapi $(SRCROOT)/../../KerberosErrors/Headers $(SRCROOT)/../../KerberosErrors/Headers/Kerberos";
LIBRARY_STYLE = STATIC;
PRODUCT_NAME = GSS;
REZ_EXECUTABLE = YES;
_profile_init_path
_FSp_profile_init
_FSp_profile_init_path
+_profile_is_writable
+_profile_is_modified
_profile_flush
+_profile_flush_to_file
+_profile_flush_to_buffer
+_profile_free_buffer
_profile_abandon
_profile_release
_profile_get_values
#define KRB5_MAJOR_RELEASE 1
#define KRB5_MINOR_RELEASE 4
#define KRB5_PATCHLEVEL 0
-#define KRB5_RELTAIL "prerelease"
+#define KRB5_RELTAIL "beta5"
/* #undef KRB5_RELDATE */
-/* #undef KRB5_RELTAG */
+#define KRB5_RELTAG "krb5-1-4-beta5"
+2004-11-15 Tom Yu <tlyu@mit.edu>
+
+ * telnet.exp (telnet_test): Work around possible race condition
+ with client's resetting of terminal mode when returning from
+ interactive command mode. Test whether requiring encryption
+ works.
+
2004-03-14 Ken Raeburn <raeburn@mit.edu>
* rlogin.exp (start_rlogin_daemon, rlogin_test): Use portbase to
# A procedure to start up the telnet daemon.
-proc start_telnet_daemon { } {
+proc start_telnet_daemon { args } {
global REALMNAME
global TELNETD
global LOGINKRB5
# we don't need to use inetd. The portbase+8 is the port to listen at.
# Note that tmppwd here is a shell variable, which is set in
# setup_root_shell, not a TCL variable.
- send -i $rlogin_spawn_id "sh -c \"$TELNETD -debug -t \$tmppwd/srvtab -R $REALMNAME -L $tmppwd/login.wrap -X KERBEROS_V4 [expr 8 + $portbase]\" &\r"
+ send -i $rlogin_spawn_id "sh -c \"$TELNETD $args -debug -t \$tmppwd/srvtab -R $REALMNAME -L $tmppwd/login.wrap -X KERBEROS_V4 [expr 8 + $portbase]\" &\r"
expect {
-i $rlogin_spawn_id
-re "$ROOT_PROMPT" { }
set testname "simple telnet"
expect {
- "ogin:" {
+ "ogin: " {
pass $testname
}
}
set testname "telnet command mode"
send "\035"
expect {
- "telnet>" {
+ "telnet> " {
pass $testname
}
}
}
set testname "back to command mode"
+
+ # For some reason, the telnet client doesn't necessarily reset the
+ # terminal mode back to raw after exiting command mode.
+ # Kick it somewhat by sending a CR.
+ send "\r"
+ expect "ogin: "
+
send "\035"
expect {
- "telnet>" {
+ "telnet> " {
pass $testname
}
}
}
expect_after
+ catch "expect eof"
# We can't use check_exit_status, because we expect an exit status
# of 1.
# Move back to telnet command mode and check the encryption status.
set testname "encryption status"
send "\035"
- expect "telnet>"
+ expect "telnet> "
send "status\r"
expect {
-re "Currently encrypting output with DES_CFB64.*Currently decrypting input with DES_CFB64" {
expect "Connection closed by foreign host.\r"
expect_after
+ catch "expect eof"
# We can't use check_exit_status, because we expect an exit status
# of 1.
# The telnet daemon should have stopped, but we have no easy way
# of checking whether it actually did. Kill it just in case.
stop_telnet_daemon
+
+ set testname "reject unencrypted telnet"
+ # Check rejection of unencrypted client when encryption is required
+ start_telnet_daemon -e
+
+ # unencrypted, unauthenticated
+ spawn $TELNET -- $hostname -[expr 8 + $portbase]
+ expect_after {
+ timeout {
+ fail $testname
+ catch "expect_after"
+ return
+ }
+ eof {
+ fail $testname
+ catch "expect_after"
+ return
+ }
+ }
+
+ expect {
+ -re "Unencrypted connection refused.*\n" {
+ pass $testname
+ }
+ }
+ catch "expect_after"
+ catch "expect eof"
+ catch wait
+
+ # The telnet daemon should have stopped, but we have no easy way
+ # of checking whether it actually did. Kill it just in case.
+ stop_telnet_daemon
}
# Run the test. Logging in sometimes takes a while, so increase the
+2005-01-14 Tom Yu <tlyu@mit.edu>
+
+ * kadmin.exp (kadmin_list): Check for communication failure.
+ (kadmin_test): Create a large number of principals, then attempt
+ to list, in order to check for fixed-size buffer problems in
+ RPCSEC_GSS.
+
+2004-12-20 Tom Yu <tlyu@mit.edu>
+
+ * pwhist.exp: New file. Perform some sanity checking on password
+ history mechanism, including erroneous loss of history when
+ growing the history array. Also tries to trigger some known
+ buffer overflows and memory leaks.
+
2004-03-14 Ken Raeburn <raeburn@mit.edu>
* gssapi.exp (run_client, doit): Use portbase to compute all port
catch "expect_after"
return 0
}
+ "Communication failure" {
+ fail "kadmin ldb got RPC error"
+ catch "expect_after"
+ return 0
+ }
timeout {
fail "kadmin ldb"
catch "expect_after"
expect -re "assword\[^\r\n\]*: *" {
send "adminpass$KEY\r"
}
- expect -re "\(.*@$REALMNAME\r\n\)*"
+ expect -re "\(.*@$REALMNAME\r\n\)+"
expect_after
expect eof
set k_stat [wait -i $spawn_id]
return
}
+ # test retrieval of large number of principals
+ # bug [2877]
+ for { set i 0 } { $i < 200 } { incr i } {
+ if { ![kadmin_add "foo$i" foopass] } {
+ return
+ }
+ }
+
+ if { ![kadmin_list] } {
+ return
+ }
verbose "kadmin_test succeeded"
}
--- /dev/null
+# password history tests
+
+# one *non-interactive* kadmin.local request
+proc onerq { rq pname str {flags ""} } {
+ global REALMNAME
+ global KADMIN_LOCAL
+
+ spawn $KADMIN_LOCAL -r $REALMNAME -q "$rq $flags $pname"
+ expect_after {
+ timeout {
+ verbose "kadmin.local $rq $flags $pname timed out"
+ catch expect_after
+ kill [exp_pid]
+ close
+ expect eof
+ wait
+ return 0
+ } eof {
+ verbose "kadmin.local $rq $flags $pname got EOF"
+ catch expect_after
+ wait
+ return 0
+ }
+ }
+ expect $str
+ expect_after
+ expect eof
+ wait
+ return 1
+}
+
+proc addprinc { pname pw } {
+ global REALMNAME
+
+ return [onerq addprinc $pname \
+ "Principal \"$pname@$REALMNAME\" created." "-pw $pw"]
+}
+
+proc delprinc { pname } {
+ global REALMNAME
+ return [onerq delprinc $pname \
+ "Principal \"$pname@$REALMNAME\" deleted." "-force"]
+}
+
+proc cpw { pname pw } {
+ global REALMNAME
+
+ return [onerq cpw $pname \
+ "Password for \"$pname@$REALMNAME\" changed." "-pw $pw"]
+}
+
+proc modprinc { pname flags } {
+ global REALMNAME
+
+ return [onerq modprinc $pname \
+ "Principal \"$pname@$REALMNAME\" modified." $flags]
+}
+
+proc addpol { pname } {
+ if ![onerq addpol $pname ""] {
+ return 0
+ }
+ return [onerq getpol $pname "Policy: $pname"]
+}
+
+proc delpol { pname } {
+ onerq delpol $pname "" -force
+ return [onerq getpol $pname \
+ "Policy does not exist while retrieving policy \"$pname\"."]
+}
+
+proc modpol { pname flags } {
+ return [onerq modpol $pname "" $flags]
+}
+
+# Mandatory command must return true.
+# Issues a break in its parent on failure.
+proc mustrun { cmd } {
+ if ![eval $cmd] {
+ perror "mandatory command failed: $cmd"
+ uplevel break
+ }
+}
+
+# Fail test if command fails.
+# Issues a break in its parent on failure.
+proc chkpass { cmd } {
+ upvar test test
+ if ![eval $cmd] {
+ verbose "unexpected failure: $cmd"
+ fail $test
+ uplevel break
+ }
+}
+
+# Fail test if command succeeds.
+# Issues a break in its parent on failure.
+proc chkfail { cmd } {
+ upvar test test
+ if [eval $cmd] {
+ verbose "unexpected success: $cmd"
+ fail $test
+ uplevel break
+ }
+}
+
+# wrapper to run command (actually usually sequence of commands)
+#
+# If any part of CMD throws an exception, set failall, otherwise pass.
+# If failall is already true, report unresolved.
+proc wraptest { test cmd } {
+ upvar failall failall
+ if $failall {
+ unresolved $test
+ return
+ }
+ if [catch $cmd] {
+ set failall 1
+ } else {
+ pass $test
+ }
+}
+
+# Set up the kerberos database.
+if {![get_hostname] \
+ || ![setup_kerberos_files] \
+ || ![setup_kerberos_env] \
+ || ![setup_kerberos_db 0]} {
+ return
+}
+
+set failall 0
+wraptest "nkeys=1, nhist=3" {
+ mustrun { addpol crashpol }
+ mustrun { modpol crashpol "-history 3"}
+ mustrun { addprinc crash 1111 }
+ mustrun { modprinc crash "-policy crashpol" }
+ chkpass { cpw crash 2222 }
+ chkfail { cpw crash 2222 }
+ chkfail { cpw crash 1111 }
+}
+verbose {old_keys [ 1111 ->[] ]}
+
+# The following will result in reading/writing past array bounds if
+# add_to_history() is not patched.
+#
+# NOTE: A pass from this test does not mean the bug isn't present;
+# check with Purify, valgrind, etc.
+wraptest "array bounds ok on nkeys=1, nhist 3->2" {
+ mustrun { modpol crashpol "-history 2" }
+ chkpass { cpw crash 3333 }
+}
+verbose {old_keys [ ->2222 ]}
+
+wraptest "verify nhist=2" {
+ mustrun { delprinc crash }
+ mustrun { addprinc crash 1111 }
+ mustrun { modprinc crash "-policy crashpol" }
+ chkpass { cpw crash 2222 }
+ chkfail { cpw crash 2222 }
+ chkfail { cpw crash 1111 }
+}
+verbose {old_keys [ ->1111 ]}
+
+# The following will fail if growing the history array causes an extra
+# key to be lost due to failure to shift entries.
+wraptest "grow nhist 2->3" {
+ mustrun { modpol crashpol "-history 3" }
+ chkpass { cpw crash 3333 }
+ chkfail { cpw crash 3333 }
+ chkfail { cpw crash 2222 }
+ chkfail { cpw crash 1111 }
+}
+verbose {old_keys [ 2222 ->1111 ]}
+
+wraptest "grow nhist 3->4" {
+ mustrun { modpol crashpol "-history 4" }
+ chkfail { cpw crash 3333 }
+ chkfail { cpw crash 2222 }
+ chkfail { cpw crash 1111 }
+ chkpass { cpw crash 4444 }
+ chkfail { cpw crash 3333 }
+ chkfail { cpw crash 2222 }
+ chkfail { cpw crash 1111 }
+}
+verbose {old_keys [ 2222 3333 ->1111 ]}
+wraptest "shrink nhist 4->3" {
+ mustrun { modpol crashpol "-history 3" }
+ chkfail { cpw crash 4444 }
+ chkfail { cpw crash 3333 }
+ chkfail { cpw crash 2222 }
+ chkfail { cpw crash 1111 }
+ chkpass { cpw crash 5555 }
+}
+verbose {old_keys [ 4444 ->3333 ]}
+wraptest "verify nhist=3" {
+ chkfail { cpw crash 5555 }
+ chkfail { cpw crash 4444 }
+ chkfail { cpw crash 3333 }
+ chkpass { cpw crash 2222 }
+}
+verbose {old_keys [ ->4444 5555 ]}
+wraptest "shrink nhist 3->2" {
+ mustrun { modpol crashpol "-history 2" }
+ chkfail { cpw crash 2222 }
+ chkfail { cpw crash 5555 }
+ chkfail { cpw crash 4444 }
+ chkpass { cpw crash 3333 }
+}
+verbose {old_keys [ ->2222 ]}
+
+delprinc crash
+delpol crashpol
+
+stop_kerberos_daemons
+2004-12-21 Tom Yu <tlyu@mit.edu>
+
+ * def-check.pl: Check for PRIVATE or INTERNAL annotations in defs
+ file.
+
+2004-10-31 Tom Yu <tlyu@mit.edu>
+
+ * mkrel: Rework quoting for RELTAIL check. Don't check RELTAIL if
+ doing a "-current" snapshot.
+
2004-09-24 Tom Yu <tlyu@mit.edu>
* mkrel: Rework somewhat to handle patchlevel.h being the new
}
s/[ \t]*//g;
my($xconv);
- if (/!CALLCONV/ || /KRB5_CALLCONV_WRONG/) {
+ if (/PRIVATE/ || /INTERNAL/) {
+ $xconv = "PRIVATE";
+ } elsif (/!CALLCONV/ || /KRB5_CALLCONV_WRONG/) {
$xconv = "KRB5_CALLCONV_WRONG";
} elsif ($vararg{$_}) {
$xconv = "KRB5_CALLCONV_C";
$xconv = "KRB5_CALLCONV";
}
s/;.*$//;
+
+ if ($xconv eq "PRIVATE") {
+ print "\t private $_\n";
+ next LINE2;
+ }
if (!defined($conv{$_})) {
print "No calling convention specified for $_!\n";
} elsif (! ($conv{$_} eq $xconv)) {
+2005-01-13 Ken Raeburn <raeburn@mit.edu>
+
+ * error_message.c (com_err_terminate): Lock the list mutex before
+ walking through it; unlock and destroy it afterwards.
+
+2004-11-05 Ken Raeburn <raeburn@mit.edu>
+
+ * et_h.awk: Declare initialize_*_error_table as taking no
+ arguments.
+ * et_h.pl: Regenerated.
+
2004-10-07 Tom Yu <tlyu@mit.edu>
* et_c.awk, et_h.awk: Fix off-by-one error.
struct dynamic_et_list *e, *enext;
if (! INITIALIZER_RAN(com_err_initialize) || PROGRAM_EXITING())
return;
- k5_mutex_destroy(&et_list_lock);
+ k5_mutex_lock(&et_list_lock);
for (e = et_list_dynamic; e; e = enext) {
enext = e->next;
free(e);
}
+ k5_mutex_unlock(&et_list_lock);
+ k5_mutex_destroy(&et_list_lock);
terminated = 1;
}
print "" > outfile
print "#if !defined(_WIN32)" > outfile
print "/* for compatibility with older versions... */" > outfile
- print "extern void initialize_" table_name "_error_table () /*@modifies internalState@*/;" > outfile
+ print "extern void initialize_" table_name "_error_table (void) /*@modifies internalState@*/;" > outfile
print "#else" > outfile
print "#define initialize_" table_name "_error_table()" > outfile
print "#endif" > outfile
&Pick('>', $outfile) &&
(print $fh 'extern void initialize_' . $table_name .
- '_error_table () /*@modifies internalState@*/;');
+ '_error_table (void) /*@modifies internalState@*/;');
&Pick('>', $outfile) &&
(print $fh '#else');
&Pick('>', $outfile) &&
if test "$KRB5_RELTAG" != $reltag; then
echo "WARNING: patchlevel.h '$KRB5_RELTAG' != $reltag"
fi
- if test "$KRB5_MAJOR_RELEASE" != $relmajor || \
- test "$KRB5_MINOR_RELEASE" != $relminor || \
- test "$KRB5_PATCHLEVEL" != $relpatch || \
- test "$KRB5_RELTAIL" != $reltail; then
+ if test "$KRB5_MAJOR_RELEASE" != "$relmajor" || \
+ test "$KRB5_MINOR_RELEASE" != "$relminor" || \
+ test "$KRB5_PATCHLEVEL" != "$relpatch" || \
+ ( test -n "$reltail" && \
+ test "$KRB5_RELTAIL" != "$reltail" ); then
echo "WARNING: patchlevel.h $KRB5_MAJOR_RELEASE.$KRB5_MINOR_RELEASE.$KRB5_PATCHLEVEL${KRB5_RELTAIL+-$KRB5_RELTAIL} != $relmajor.$relminor.$relpatch${reltail+-$reltail}"
fi
+2005-01-13 Ken Raeburn <raeburn@mit.edu>
+
+ * prof_file.c (profile_free_file_data): Destroy mutex before
+ freeing containing structure.
+
+2004-12-14 Ken Raeburn <raeburn@mit.edu>
+
+ * prof_tree.c (profile_node_iterator): When the iterator has a
+ current file, lock it, and unlock it before changing it or
+ returning.
+
+2004-11-04 Alexandra Ellwood <lxs@mit.edu>
+
+ * prof_init.c, profile.hin: added profile_is_modified
+ and profile_is_writable so that callers can check to see
+ if profile_release() will fail before calling it.
+
+2004-11-04 Alexandra Ellwood <lxs@mit.edu>
+
+ * prof_set.c: profile calls which set values should not fail
+ if file is not writable. You can now write to a different
+ file with profile_flush_to_file() or buffer with
+ profile_flush_to_buffer().
+
+2004-10-30 Ken Raeburn <raeburn@mit.edu>
+
+ * prof_int.h (STAT_ONCE_PER_SECOND): Define.
+ (struct _prf_data_t) [STAT_ONCE_PER_SECOND]: New field LAST_STAT.
+ * prof_file.c (scan_shared_trees_locked,
+ scan_shared_trees_unlocked): Redefine to do nothing for now.
+ (profile_update_file_data) [STAT_ONCE_PER_SECOND]: If the current
+ time is the same time as the last stat of the file, just return;
+ otherwise, save away the current time.
+
2004-10-26 Ken Raeburn <raeburn@mit.edu>
Permit exporting profile file data into a buffer.
static void profile_free_file_data(prf_data_t);
+#if 0
+
#define scan_shared_trees_locked() \
{ \
prf_data_t d; \
k5_mutex_unlock(&g_shared_trees_mutex); \
}
+#else
+
+#define scan_shared_trees_locked() { ; }
+#define scan_shared_trees_unlocked() { ; }
+
+#endif
+
static int rw_access(const_profile_filespec_t filespec)
{
#ifdef HAVE_ACCESS
retval = k5_mutex_init(&data->lock);
if (retval) {
- profile_close_file(prf);
+ free(data);
+ free(prf);
return retval;
}
errcode_t retval;
#ifdef HAVE_STAT
struct stat st;
+#ifdef STAT_ONCE_PER_SECOND
+ time_t now;
+#endif
#endif
FILE *f;
return retval;
#ifdef HAVE_STAT
+#ifdef STAT_ONCE_PER_SECOND
+ now = time(0);
+ if (now == data->last_stat) {
+ k5_mutex_unlock(&data->lock);
+ return 0;
+ }
+#endif
if (stat(data->filespec, &st)) {
retval = errno;
k5_mutex_unlock(&data->lock);
return retval;
}
+#ifdef STAT_ONCE_PER_SECOND
+ data->last_stat = now;
+#endif
if (st.st_mtime == data->timestamp) {
k5_mutex_unlock(&data->lock);
return 0;
}
}
}
- if (data->root)
- profile_free_node(data->root);
- if (data->comment)
- free(data->comment);
- data->magic = 0;
- free(data);
+ if (data->root)
+ profile_free_node(data->root);
+ if (data->comment)
+ free(data->comment);
+ data->magic = 0;
+ k5_mutex_destroy(&data->lock);
+ free(data);
scan_shared_trees_locked();
}
return retval;
}
+errcode_t KRB5_CALLCONV
+profile_is_writable(profile_t profile, int *writable)
+{
+ if (!profile || profile->magic != PROF_MAGIC_PROFILE)
+ return PROF_MAGIC_PROFILE;
+
+ if (!writable)
+ return EINVAL;
+
+ if (profile->first_file)
+ *writable = (profile->first_file->data->flags & PROFILE_FILE_RW);
+
+ return 0;
+}
+
+errcode_t KRB5_CALLCONV
+profile_is_modified(profile_t profile, int *modified)
+{
+ if (!profile || profile->magic != PROF_MAGIC_PROFILE)
+ return PROF_MAGIC_PROFILE;
+
+ if (!modified)
+ return EINVAL;
+
+ if (profile->first_file)
+ *modified = (profile->first_file->data->flags & PROFILE_FILE_DIRTY);
+
+ return 0;
+}
+
errcode_t KRB5_CALLCONV
profile_flush(profile_t profile)
{
#include "com_err.h"
#include "profile.h"
+#define STAT_ONCE_PER_SECOND
+
#if defined(_WIN32)
#define SIZEOF_INT 4
#define SIZEOF_SHORT 2
k5_mutex_t lock;
char *comment;
struct profile_node *root;
+#ifdef STAT_ONCE_PER_SECOND
+ time_t last_stat;
+#endif
time_t timestamp; /* time tree was last updated from file */
int flags; /* r/w, dirty */
int upd_serial; /* incremented when data changes */
file = profile->first_file;
- if (!(file->data->flags & PROFILE_FILE_RW))
- return PROF_READ_ONLY;
-
retval = profile_lock_global();
if (retval)
return retval;
* If the file has changed, then the node pointer is invalid,
* so we'll have search the file again looking for it.
*/
+ if (iter->file) {
+ retval = k5_mutex_lock(&iter->file->data->lock);
+ if (retval)
+ return retval;
+ }
if (iter->node && (iter->file->data->upd_serial != iter->file_serial)) {
iter->flags &= ~PROFILE_ITER_FINAL_SEEN;
skip_num = iter->num;
iter->node = 0;
}
- if (iter->node && iter->node->magic != PROF_MAGIC_NODE)
+ if (iter->node && iter->node->magic != PROF_MAGIC_NODE) {
+ if (iter->file)
+ k5_mutex_unlock(&iter->file->data->lock);
return PROF_MAGIC_NODE;
+ }
get_new_file:
if (iter->node == 0) {
if (iter->file == 0 ||
(iter->flags & PROFILE_ITER_FINAL_SEEN)) {
+ if (iter->file)
+ k5_mutex_unlock(&iter->file->data->lock);
profile_node_iterator_free(iter_p);
if (ret_node)
*ret_node = 0;
*ret_value =0;
return 0;
}
+ k5_mutex_unlock(&iter->file->data->lock);
if ((retval = profile_update_file(iter->file))) {
if (retval == ENOENT || retval == EACCES) {
/* XXX memory leak? */
iter->file = iter->file->next;
+ if (iter->file) {
+ retval = k5_mutex_lock(&iter->file->data->lock);
+ if (retval) {
+ profile_node_iterator_free(iter_p);
+ return retval;
+ }
+ }
skip_num = 0;
retval = 0;
goto get_new_file;
return retval;
}
}
+ retval = k5_mutex_lock(&iter->file->data->lock);
+ if (retval) {
+ profile_node_iterator_free(iter_p);
+ return retval;
+ }
iter->file_serial = iter->file->data->upd_serial;
/*
* Find the section to list if we are a LIST_SECTION,
iter->flags |= PROFILE_ITER_FINAL_SEEN;
}
if (!section) {
+ k5_mutex_unlock(&iter->file->data->lock);
iter->file = iter->file->next;
+ if (iter->file) {
+ retval = k5_mutex_lock(&iter->file->data->lock);
+ if (retval) {
+ profile_node_iterator_free(iter_p);
+ return retval;
+ }
+ }
skip_num = 0;
goto get_new_file;
}
}
iter->num++;
if (!p) {
+ k5_mutex_unlock(&iter->file->data->lock);
iter->file = iter->file->next;
+ if (iter->file) {
+ retval = k5_mutex_lock(&iter->file->data->lock);
+ if (retval) {
+ profile_node_iterator_free(iter_p);
+ return retval;
+ }
+ }
iter->node = 0;
skip_num = 0;
goto get_new_file;
}
+ k5_mutex_unlock(&iter->file->data->lock);
if ((iter->node = p->next) == NULL)
iter->file = iter->file->next;
if (ret_node)
void KRB5_CALLCONV profile_free_buffer
(profile_t profile, char *buf);
+long KRB5_CALLCONV profile_is_writable
+ (profile_t profile, int *writable);
+long KRB5_CALLCONV profile_is_modified
+ (profile_t profile, int *modified);
+
void KRB5_CALLCONV profile_abandon
(profile_t profile);
+2004-12-15 Jeffrey Altman <jaltman@mit.edu>
+
+ * Makefile.in: rename krb5support_32.dll to k5sprt32.dll
+
2004-10-25 Ken Raeburn <raeburn@mit.edu>
* libkrb5support.exports: Export krb5int_fac, _lock_fac,
RELDIR=../util/support
##DOS##BUILDTOP = ..\..
-##DOS##LIBNAME=$(OUTPRE)krb5support_32.lib
+##DOS##LIBNAME=$(OUTPRE)k5sprt32.lib
##DOS##XTRA=
-##DOS##OBJFILE=$(OUTPRE)krb5support_32.lst
+##DOS##OBJFILE=$(OUTPRE)k5sprt32.lst
SED = sed
+2004-12-15 Jeffrey Altman <jaltman@mit.edu>
+
+ * version.rc: rename krb5support.dll to k5sprt32.dll
+
2004-09-30 Jeffrey Altman <jaltman@mit.edu>
* version.rc: Add pismere condition resource strings
+2004-12-18 Jeffrey Altman <jaltman@mit.edu>
+
+* kfw-fixed.nsi:
+ Add "Debug Symbols" as a new category. It defaults to on
+ in debug builds and off in release builds.
+
+2004-12-15 Jeffrey Altman <jaltman@mit.edu>
+
+* kfw-fixed.nsi
+ Add kcpytkt.exe, kdeltkt.exe, k5sprt32.dll, mit2ms.exe
+
2004-09-17 Jeffrey Altman <jaltman@mit.edu>
* kfw-fixed.nsi:
LangString DESC_secClient ${LANG_ENGLISH} "Client: Allows you to utilize MIT Kerberos from your Windows PC."
+ LangString DESC_secDebug ${LANG_ENGLISH} "Debug Symbols: Used for debugging problems with MIT Kerberos for Windows"
+
LangString DESC_secSDK ${LANG_ENGLISH} "SDK: Allows you to build MIT Kerberos aware applications."
LangString DESC_secDocs ${LANG_ENGLISH} "Documentation: Release Notes and User Manuals."
!insertmacro ReplaceDLL "${KFW_BIN_DIR}\kpasswd.exe" "$INSTDIR\bin\kpasswd.exe" "$INSTDIR"
!insertmacro ReplaceDLL "${KFW_BIN_DIR}\kvno.exe" "$INSTDIR\bin\kvno.exe" "$INSTDIR"
!insertmacro ReplaceDLL "${KFW_BIN_DIR}\krb5_32.dll" "$INSTDIR\bin\krb5_32.dll" "$INSTDIR"
+ !insertmacro ReplaceDLL "${KFW_BIN_DIR}\k5sprt32.dll" "$INSTDIR\bin\k5sprt32.dll" "$INSTDIR"
!insertmacro ReplaceDLL "${KFW_BIN_DIR}\krb524.dll" "$INSTDIR\bin\krb524.dll" "$INSTDIR"
!insertmacro ReplaceDLL "${KFW_BIN_DIR}\krbcc32.dll" "$INSTDIR\bin\krbcc32.dll" "$INSTDIR"
!insertmacro ReplaceDLL "${KFW_BIN_DIR}\krbcc32s.exe" "$INSTDIR\bin\krbcc32s.exe" "$INSTDIR"
!endif
!insertmacro ReplaceDLL "${KFW_BIN_DIR}\leashw32.dll" "$INSTDIR\bin\leashw32.dll" "$INSTDIR"
!insertmacro ReplaceDLL "${KFW_BIN_DIR}\ms2mit.exe" "$INSTDIR\bin\ms2mit.exe" "$INSTDIR"
+ !insertmacro ReplaceDLL "${KFW_BIN_DIR}\mit2ms.exe" "$INSTDIR\bin\mit2ms.exe" "$INSTDIR"
+ !insertmacro ReplaceDLL "${KFW_BIN_DIR}\kcpytkt.exe" "$INSTDIR\bin\kcpytkt.exe" "$INSTDIR"
+ !insertmacro ReplaceDLL "${KFW_BIN_DIR}\kdeltkt.exe" "$INSTDIR\bin\kdeltkt.exe" "$INSTDIR"
!insertmacro ReplaceDLL "${KFW_BIN_DIR}\wshelp32.dll" "$INSTDIR\bin\wshelp32.dll" "$INSTDIR"
!insertmacro ReplaceDLL "${KFW_BIN_DIR}\xpprof32.dll" "$INSTDIR\bin\xpprof32.dll" "$INSTDIR"
!ifdef DEBUG
- File "${KFW_BIN_DIR}\aklog.pdb"
- File "${KFW_BIN_DIR}\comerr32.pdb"
- File "${KFW_BIN_DIR}\gss.pdb"
- File "${KFW_BIN_DIR}\gss-client.pdb"
- File "${KFW_BIN_DIR}\gss-server.pdb"
- File "${KFW_BIN_DIR}\gssapi32.pdb"
- File "${KFW_BIN_DIR}\k524init.pdb"
- File "${KFW_BIN_DIR}\kclnt32.pdb"
- File "${KFW_BIN_DIR}\kdestroy.pdb"
- File "${KFW_BIN_DIR}\kinit.pdb"
- File "${KFW_BIN_DIR}\klist.pdb"
- File "${KFW_BIN_DIR}\kpasswd.pdb"
- File "${KFW_BIN_DIR}\kvno.pdb"
- File "${KFW_BIN_DIR}\krb5_32.pdb"
- File "${KFW_BIN_DIR}\krb524.pdb"
- File "${KFW_BIN_DIR}\krbcc32.pdb"
- File "${KFW_BIN_DIR}\krbcc32s.pdb"
- File "${KFW_BIN_DIR}\krbv4w32.pdb"
- File "${KFW_BIN_DIR}\leashw32.pdb"
- File "${KFW_BIN_DIR}\leash32.pdb"
- File "${KFW_BIN_DIR}\ms2mit.pdb"
- File "${KFW_BIN_DIR}\wshelp32.pdb"
- File "${KFW_BIN_DIR}\xpprof32.pdb"
-
!IFDEF CL_1400
!insertmacro ReplaceDLL "${SYSTEMDIR}\msvcr80d.dll" "$INSTDIR\bin\msvcr80d.dll" "$INSTDIR"
- File "${SYSTEMDIR}\msvcr80d.pdb"
!insertmacro ReplaceDLL "${SYSTEMDIR}\msvcp80d.dll" "$INSTDIR\bin\msvcp80d.dll" "$INSTDIR"
- File "${SYSTEMDIR}\msvcp80d.pdb"
!insertmacro ReplaceDLL "${SYSTEMDIR}\mfc80d.dll" "$INSTDIR\bin\mfc80d.dll" "$INSTDIR"
- File "${SYSTEMDIR}\mfc80d.pdb"
!insertmacro ReplaceDLL "${SYSTEMDIR}\MFC80CHS.DLL" "$INSTDIR\bin\MFC80CHS.DLL" "$INSTDIR"
!insertmacro ReplaceDLL "${SYSTEMDIR}\MFC80CHT.DLL" "$INSTDIR\bin\MFC80CHT.DLL" "$INSTDIR"
!insertmacro ReplaceDLL "${SYSTEMDIR}\MFC80DEU.DLL" "$INSTDIR\bin\MFC80DEU.DLL" "$INSTDIR"
!ELSE
!IFDEF CL_1310
!insertmacro ReplaceDLL "${SYSTEMDIR}\msvcr71d.dll" "$INSTDIR\bin\msvcr71d.dll" "$INSTDIR"
- File "${SYSTEMDIR}\msvcr71d.pdb"
!insertmacro ReplaceDLL "${SYSTEMDIR}\msvcp71d.dll" "$INSTDIR\bin\msvcp71d.dll" "$INSTDIR"
- File "${SYSTEMDIR}\msvcp71d.pdb"
!insertmacro ReplaceDLL "${SYSTEMDIR}\mfc71d.dll" "$INSTDIR\bin\mfc71d.dll" "$INSTDIR"
- File "${SYSTEMDIR}\mfc71d.pdb"
!insertmacro ReplaceDLL "${SYSTEMDIR}\MFC71CHS.DLL" "$INSTDIR\bin\MFC71CHS.DLL" "$INSTDIR"
!insertmacro ReplaceDLL "${SYSTEMDIR}\MFC71CHT.DLL" "$INSTDIR\bin\MFC71CHT.DLL" "$INSTDIR"
!insertmacro ReplaceDLL "${SYSTEMDIR}\MFC71DEU.DLL" "$INSTDIR\bin\MFC71DEU.DLL" "$INSTDIR"
!ELSE
!IFDEF CL_1300
!insertmacro ReplaceDLL "${SYSTEMDIR}\msvcr70d.dll" "$INSTDIR\bin\msvcr70d.dll" "$INSTDIR"
- File "${SYSTEMDIR}\msvcr70d.pdb"
!insertmacro ReplaceDLL "${SYSTEMDIR}\msvcp70d.dll" "$INSTDIR\bin\msvcp70d.dll" "$INSTDIR"
- File "${SYSTEMDIR}\msvcp70d.pdb"
!insertmacro ReplaceDLL "${SYSTEMDIR}\mfc70d.dll" "$INSTDIR\bin\mfc70d.dll" "$INSTDIR"
- File "${SYSTEMDIR}\mfc70d.pdb"
!insertmacro ReplaceDLL "${SYSTEMDIR}\MFC70CHS.DLL" "$INSTDIR\bin\MFC70CHS.DLL" "$INSTDIR"
!insertmacro ReplaceDLL "${SYSTEMDIR}\MFC70CHT.DLL" "$INSTDIR\bin\MFC70CHT.DLL" "$INSTDIR"
!insertmacro ReplaceDLL "${SYSTEMDIR}\MFC70DEU.DLL" "$INSTDIR\bin\MFC70DEU.DLL" "$INSTDIR"
!insertmacro ReplaceDLL "${SYSTEMDIR}\MFC70KOR.DLL" "$INSTDIR\bin\MFC70KOR.DLL" "$INSTDIR"
!ELSE
!insertmacro ReplaceDLL "${SYSTEMDIR}\mfc42d.dll" "$INSTDIR\bin\mfc42d.dll" "$INSTDIR"
- File "${SYSTEMDIR}\mfc42d.pdb"
!insertmacro ReplaceDLL "${SYSTEMDIR}\msvcp60d.dll" "$INSTDIR\bin\msvcp60d.dll" "$INSTDIR"
- File "${SYSTEMDIR}\msvcp60d.pdb"
!insertmacro ReplaceDLL "${SYSTEMDIR}\msvcrtd.dll" "$INSTDIR\bin\msvcrtd.dll" "$INSTDIR"
- File "${SYSTEMDIR}\msvcrtd.pdb"
!ENDIF
!ENDIF
!ENDIF
WriteRegDWORD HKLM "Software\Microsoft\Windows NT\CurrentVersion\Terminal Server\Compatibility\Applications\kvno" "Flags" 0x408
WriteRegDWORD HKLM "Software\Microsoft\Windows NT\CurrentVersion\Terminal Server\Compatibility\Applications\ms2mit" "Flags" 0x408
WriteRegDWORD HKLM "Software\Microsoft\Windows NT\CurrentVersion\Terminal Server\Compatibility\Applications\mit2ms" "Flags" 0x408
+ WriteRegDWORD HKLM "Software\Microsoft\Windows NT\CurrentVersion\Terminal Server\Compatibility\Applications\mit2ms" "Flags" 0x408
WriteRegDWORD HKLM "Software\Microsoft\Windows NT\CurrentVersion\Terminal Server\Compatibility\Applications\kcpytkt" "Flags" 0x408
WriteRegDWORD HKLM "Software\Microsoft\Windows NT\CurrentVersion\Terminal Server\Compatibility\Applications\kdeltkt" "Flags" 0x408
WriteRegDWORD HKLM "Software\Microsoft\Windows NT\CurrentVersion\Terminal Server\Compatibility\Applications\k95" "Flags" 0x408
SectionEnd
+Section "Debug Symbols" secDebug
+
+ SetOutPath "$INSTDIR\bin"
+ File "${KFW_BIN_DIR}\aklog.pdb"
+ File "${KFW_BIN_DIR}\comerr32.pdb"
+ File "${KFW_BIN_DIR}\gss.pdb"
+ File "${KFW_BIN_DIR}\gss-client.pdb"
+ File "${KFW_BIN_DIR}\gss-server.pdb"
+ File "${KFW_BIN_DIR}\gssapi32.pdb"
+ File "${KFW_BIN_DIR}\k524init.pdb"
+ File "${KFW_BIN_DIR}\kclnt32.pdb"
+ File "${KFW_BIN_DIR}\kdestroy.pdb"
+ File "${KFW_BIN_DIR}\kinit.pdb"
+ File "${KFW_BIN_DIR}\klist.pdb"
+ File "${KFW_BIN_DIR}\kpasswd.pdb"
+ File "${KFW_BIN_DIR}\kvno.pdb"
+ File "${KFW_BIN_DIR}\krb5_32.pdb"
+ File "${KFW_BIN_DIR}\k5sprt32.pdb"
+ File "${KFW_BIN_DIR}\krb524.pdb"
+ File "${KFW_BIN_DIR}\krbcc32.pdb"
+ File "${KFW_BIN_DIR}\krbcc32s.pdb"
+ File "${KFW_BIN_DIR}\krbv4w32.pdb"
+ File "${KFW_BIN_DIR}\leashw32.pdb"
+ File "${KFW_BIN_DIR}\leash32.pdb"
+ File "${KFW_BIN_DIR}\ms2mit.pdb"
+ File "${KFW_BIN_DIR}\mit2ms.pdb"
+ File "${KFW_BIN_DIR}\kcpytkt.pdb"
+ File "${KFW_BIN_DIR}\kdeltkt.pdb"
+ File "${KFW_BIN_DIR}\wshelp32.pdb"
+ File "${KFW_BIN_DIR}\xpprof32.pdb"
+
+!IFDEF DEBUG
+!IFDEF CL_1400
+ File "${SYSTEMDIR}\msvcr80d.pdb"
+ File "${SYSTEMDIR}\msvcp80d.pdb"
+ File "${SYSTEMDIR}\mfc80d.pdb"
+!ELSE
+!IFDEF CL_1310
+ File "${SYSTEMDIR}\msvcr71d.pdb"
+ File "${SYSTEMDIR}\msvcp71d.pdb"
+ File "${SYSTEMDIR}\mfc71d.pdb"
+!ELSE
+!IFDEF CL_1300
+ File "${SYSTEMDIR}\msvcr70d.pdb"
+ File "${SYSTEMDIR}\msvcp70d.pdb"
+ File "${SYSTEMDIR}\mfc70d.pdb"
+!ELSE
+ File "${SYSTEMDIR}\mfc42d.pdb"
+ File "${SYSTEMDIR}\msvcp60d.pdb"
+ File "${SYSTEMDIR}\msvcrtd.pdb"
+!ENDIF
+!ENDIF
+!ENDIF
+!ENDIF
+
+SectionEnd
+
;----------------------
; Kerberos for Windows SDK
Section "KfW SDK" secSDK
no_remove_uninstaller:
contInstall:
+ ; Never install debug symbols unless explicitly selected, except in DEBUG mode
+!IFNDEF DEBUG
+ SectionGetFlags ${secDebug} $0
+ IntOp $0 $0 & ${SECTION_OFF}
+ SectionSetFlags ${secDebug} $0
+!ELSE
+ SectionGetFlags ${secDebug} $0
+ IntOp $0 $0 | ${SF_SELECTED}
+ SectionSetFlags ${secDebug} $0
+!ENDIF
+
; Our logic should be like this.
; 1) If no KfW components are installed, we do a clean install with default options. (Client/Docs)
; 2) If existing modules are installed, we keep them selected
!insertmacro MUI_DESCRIPTION_TEXT ${secClient} $(DESC_secClient)
!insertmacro MUI_DESCRIPTION_TEXT ${secSDK} $(DESC_secSDK)
!insertmacro MUI_DESCRIPTION_TEXT ${secDocs} $(DESC_secDocs)
+ !insertmacro MUI_DESCRIPTION_TEXT ${secDebug} $(DESC_secDebug)
!insertmacro MUI_FUNCTION_DESCRIPTION_END
;--------------------------------
Delete /REBOOTOK "$INSTDIR\bin\kpasswd.exe"
Delete /REBOOTOK "$INSTDIR\bin\kvno.exe"
Delete /REBOOTOK "$INSTDIR\bin\krb5_32.dll"
+ Delete /REBOOTOK "$INSTDIR\bin\k5sprt32.dll"
Delete /REBOOTOK "$INSTDIR\bin\krb524.dll"
Delete /REBOOTOK "$INSTDIR\bin\krbcc32.dll"
Delete /REBOOTOK "$INSTDIR\bin\krbcc32s.exe"
!endif
Delete /REBOOTOK "$INSTDIR\bin\leashw32.dll"
Delete /REBOOTOK "$INSTDIR\bin\ms2mit.exe"
+ Delete /REBOOTOK "$INSTDIR\bin\mit2ms.exe"
+ Delete /REBOOTOK "$INSTDIR\bin\kcpytkt.exe"
+ Delete /REBOOTOK "$INSTDIR\bin\kdeltkt.exe"
Delete /REBOOTOK "$INSTDIR\bin\wshelp32.dll"
Delete /REBOOTOK "$INSTDIR\bin\xpprof32.dll"
-!IFDEF DEBUG
Delete /REBOOTOK "$INSTDIR\bin\aklog.pdb"
Delete /REBOOTOK "$INSTDIR\bin\comerr32.pdb"
Delete /REBOOTOK "$INSTDIR\bin\gss.pdb"
Delete /REBOOTOK "$INSTDIR\bin\kpasswd.pdb"
Delete /REBOOTOK "$INSTDIR\bin\kvno.pdb"
Delete /REBOOTOK "$INSTDIR\bin\krb5_32.pdb"
+ Delete /REBOOTOK "$INSTDIR\bin\k5sprt32.pdb"
Delete /REBOOTOK "$INSTDIR\bin\krb524.pdb"
Delete /REBOOTOK "$INSTDIR\bin\krbcc32.pdb"
Delete /REBOOTOK "$INSTDIR\bin\krbcc32s.pdb"
Delete /REBOOTOK "$INSTDIR\bin\krbv4w32.pdb"
Delete /REBOOTOK "$INSTDIR\bin\leashw32.pdb"
Delete /REBOOTOK "$INSTDIR\bin\ms2mit.pdb"
+ Delete /REBOOTOK "$INSTDIR\bin\mit2ms.pdb"
+ Delete /REBOOTOK "$INSTDIR\bin\kcpytkt.pdb"
+ Delete /REBOOTOK "$INSTDIR\bin\kdeltkt.pdb"
Delete /REBOOTOK "$INSTDIR\bin\wshelp32.pdb"
Delete /REBOOTOK "$INSTDIR\bin\xpprof32.pdb"
+!IFDEF DEBUG
!IFDEF CL_1400
Delete /REBOOTOK "$INSTDIR\bin\msvcr80d.dll"
Delete /REBOOTOK "$INSTDIR\bin\msvcr80d.pdb"
+2004-12-18 Jeffrey Altman <jaltman@mit.edu>
+
+ Add Debug Symbols as an optional install feature for
+ release builds of KFW
+
+2004-12-15 Jeffrey Altman <jaltman@mit.edu>
+
+ Add kcpytkt.exe, kdeltkt.exe, k5sprt32.dll mit2ms.exe
+
+ Update to Wix 2.1 installer
+
2004-09-16 Jeffrey Altman <jaltman@mit.edu>
Remove trailing slash from PATH
<?include lang\config_$(var.BuildLang).wxi?>
+ <!-- Parameters for the features containing debug symbols -->
+ <?ifdef DebugSyms?>
+ <?ifdef Debug?>
+ <?define DebugSymInstallDefault="followParent"?>
+ <?define DebugSymLowLevel="30"?>
+ <?define DebugSymHighLevel="130"?>
+ <?else?>
+ <?define DebugSymInstallDefault="followParent"?>
+ <?define DebugSymLowLevel="130"?>
+ <?define DebugSymHighLevel="130"?>
+ <?endif?>
+ <?endif?>
+
<!-- Configuration macros -->
<?ifndef LeashAfsStatus?>
<?define LeashAfsStatus="1"?>
Description="$(loc.KerberosClientDesc)"
InstallDefault="local"
Title="$(loc.KerberosClientTitle)"
- FollowParent="yes"
Level="30">
+ <?ifdef DebugSyms?>
+ <Feature
+ Id="feaKfwClientDebug"
+ AllowAdvertise="no"
+ Description="$(loc.StrKerberosClientDebugDesc)"
+ Display="expand"
+ InstallDefault="$(var.DebugSymInstallDefault)"
+ Level="$(var.DebugSymLowLevel)"
+ Title="$(loc.StrKerberosClientDebugTitle)">
+ <ComponentRef Id="cmf_bin_debug"/>
+ </Feature>
+ <?endif?>
+
<ComponentRef Id="cmf_aklog_exe" />
<ComponentRef Id="cmf_comerr32_dll" />
<ComponentRef Id="cmf_gss_exe" />
<ComponentRef Id="cmf_k524init_exe" />
<ComponentRef Id="cmf_kclnt32_dll" />
<ComponentRef Id="cmf_kdestroy_exe" />
+ <ComponentRef Id="cmf_kcpytkt_exe" />
+ <ComponentRef Id="cmf_kdeltkt_exe" />
<ComponentRef Id="cmf_kinit_exe" />
<ComponentRef Id="cmf_klist_exe" />
<ComponentRef Id="cmf_kpasswd_exe" />
<ComponentRef Id="cmf_kvno_exe" />
<ComponentRef Id="cmf_krb5_32_dll" />
+ <ComponentRef Id="cmf_k5sprt32_dll" />
<ComponentRef Id="cmf_krb524_dll" />
<ComponentRef Id="cmf_krbcc32_dll" />
<ComponentRef Id="cmf_krbcc32s_exe" />
<ComponentRef Id="rcm_leashdll_17" />
<ComponentRef Id="cmf_ms2mit_exe" />
+ <ComponentRef Id="cmf_mit2ms_exe" />
<ComponentRef Id="cmf_wshelp32_dll" />
<ComponentRef Id="cmf_xpprof32_dll" />
- <?ifdef Debug?>
- <ComponentRef Id="cmf_bin_debug"/>
- <?endif?>
-
<ComponentRef Id="cmf_psapi_dll" />
<?ifndef Debug?>
<Registry Id="reg_ts_kdestroy_0" Root="HKLM" Key="Software\Microsoft\Windows NT\CurrentVersion\Terminal Server\Compatibility\Applications\kdestroy" Action="createKeyAndRemoveKeyOnUninstall" />
<Registry Id="reg_ts_kdestroy_1" Root="HKLM" Key="Software\Microsoft\Windows NT\CurrentVersion\Terminal Server\Compatibility\Applications\kdestroy" Name="Flags" Type="integer" Value="1032" />
</Component>
+ <Component Id="cmf_kcpytkt_exe" Guid="6B20E57C-0033-4dcf-B3C9-74ED0B2CF46E" DiskId="1">
+ <File Id="fil_kcpytkt_exe" LongName="kcpytkt.exe" Name="kcpytkt.exe" KeyPath="yes" />
+ <Registry Id="reg_ts_kcpytkt_0" Root="HKLM" Key="Software\Microsoft\Windows NT\CurrentVersion\Terminal Server\Compatibility\Applications\kcpytkt" Action="createKeyAndRemoveKeyOnUninstall" />
+ <Registry Id="reg_ts_kcpytkt_1" Root="HKLM" Key="Software\Microsoft\Windows NT\CurrentVersion\Terminal Server\Compatibility\Applications\kcpytkt" Name="Flags" Type="integer" Value="1032" />
+ </Component>
+ <Component Id="cmf_kdeltkt_exe" Guid="C7528C87-9B61-439a-8EA8-AD4BE3D758F9" DiskId="1">
+ <File Id="fil_kdeltkt_exe" LongName="kdeltkt.exe" Name="kdeltkt.exe" KeyPath="yes" />
+ <Registry Id="reg_ts_kdeltkt_0" Root="HKLM" Key="Software\Microsoft\Windows NT\CurrentVersion\Terminal Server\Compatibility\Applications\kdeltkt" Action="createKeyAndRemoveKeyOnUninstall" />
+ <Registry Id="reg_ts_kdeltkt_1" Root="HKLM" Key="Software\Microsoft\Windows NT\CurrentVersion\Terminal Server\Compatibility\Applications\kdeltkt" Name="Flags" Type="integer" Value="1032" />
+ </Component>
<Component Id="cmf_kinit_exe" Guid="80643A09-EF28-4714-BC62-B64FC5B17CAA" DiskId="1">
<File Id="fil_kinit_exe" LongName="kinit.exe" Name="kinit.exe" KeyPath="yes" />
<Registry Id="reg_ts_kinit_0" Root="HKLM" Key="Software\Microsoft\Windows NT\CurrentVersion\Terminal Server\Compatibility\Applications\kinit" Action="createKeyAndRemoveKeyOnUninstall" />
<File Id="fil_krb5_32_dll" LongName="krb5_32.dll" Name="krb5_32.dll" KeyPath="yes" />
<Environment Id="env_kclient_path" Action="set" Name="PATH" Part="last" System="yes" Value="[KERBEROSDIR]bin" />
</Component>
+ <Component Id="cmf_k5sprt32_dll" Guid="F2381331-9201-4c02-866F-2038676771D4" DiskId="1">
+ <File Id="fil_k5sprt32_dll" LongName="k5sprt32.dll" Name="k5sprt32.dll" />
+ </Component>
<Component Id="cmf_krb524_dll" Guid="98685874-A9AA-4BC5-9830-271D9CF52C17" DiskId="1">
<File Id="fil_krb524_dll" LongName="krb524.dll" Name="krb524.dll" KeyPath="yes" />
</Component>
<Registry Id="reg_ts_ms2mit_0" Root="HKLM" Key="Software\Microsoft\Windows NT\CurrentVersion\Terminal Server\Compatibility\Applications\ms2mit" Action="createKeyAndRemoveKeyOnUninstall" />
<Registry Id="reg_ts_ms2mit_1" Root="HKLM" Key="Software\Microsoft\Windows NT\CurrentVersion\Terminal Server\Compatibility\Applications\ms2mit" Name="Flags" Type="integer" Value="1032" />
</Component>
+ <Component Id="cmf_mit2ms_exe" Guid="4F487781-5B55-48c1-A3FA-8BC6ECA4FEA1" DiskId="1">
+ <File Id="fil_mit2ms_exe" LongName="mit2ms.exe" Name="mit2ms.exe" KeyPath="yes" />
+ <Registry Id="reg_ts_mit2ms_0" Root="HKLM" Key="Software\Microsoft\Windows NT\CurrentVersion\Terminal Server\Compatibility\Applications\mit2ms" Action="createKeyAndRemoveKeyOnUninstall" />
+ <Registry Id="reg_ts_mit2ms_1" Root="HKLM" Key="Software\Microsoft\Windows NT\CurrentVersion\Terminal Server\Compatibility\Applications\mit2ms" Name="Flags" Type="integer" Value="1032" />
+ </Component>
<Component Id="cmf_wshelp32_dll" Guid="B9D9F5F1-CA93-4F56-B6F8-343F21484CDE" DiskId="1">
<File Id="fil_wshelp32_dll" LongName="wshelp32.dll" Name="wshelp32.dll" KeyPath="yes" />
</Component>
<File Id="fil_k524init_pdb" LongName="k524init.pdb" Name="k524init.pdb" />
<File Id="fil_kclnt32_pdb" LongName="kclnt32.pdb" Name="kclnt32.pdb" />
<File Id="fil_kdestroy_pdb" LongName="kdestroy.pdb" Name="kdestroy.pdb" />
+ <File Id="fil_kcpytkt_pdb" LongName="kcpytkt.pdb" Name="kcpytkt.pdb" />
+ <File Id="fil_kdeltkt_pdb" LongName="kdeltkt.pdb" Name="kdeltkt.pdb" />
<File Id="fil_kinit_pdb" LongName="kinit.pdb" Name="kinit.pdb" />
<File Id="fil_klist_pdb" LongName="klist.pdb" Name="klist.pdb" />
<File Id="fil_kpasswd_pdb" LongName="kpasswd.pdb" Name="kpasswd.pdb" />
<File Id="fil_kvno_pdb" LongName="kvno.pdb" Name="kvno.pdb" />
<File Id="fil_krb5_32_pdb" LongName="krb5_32.pdb" Name="krb5_32.pdb" KeyPath="yes" />
+ <File Id="fil_k5sprt32_pdb" LongName="k5sprt32.pdb" Name="k5sprt32.pdb" />
<File Id="fil_krb524_pdb" LongName="krb524.pdb" Name="krb524.pdb" />
<File Id="fil_krbcc32_pdb" LongName="krbcc32.pdb" Name="krbcc32.pdb" />
<File Id="fil_krbcc32s_pdb" LongName="krbcc32s.pdb" Name="krbcc32s.pdb" />
<File Id="fil_leash32_pdb" LongName="leash32.pdb" Name="leash32.pdb" />
<File Id="fil_leashw32_pdb" LongName="leashw32.pdb" Name="leashw32.pdb" />
<File Id="fil_ms2mit_pdb" LongName="ms2mit.pdb" Name="ms2mit.pdb" />
+ <File Id="fil_mit2ms_pdb" LongName="mit2ms.pdb" Name="mit2ms.pdb" />
<File Id="fil_wshelp32_pdb" LongName="wshelp32.pdb" Name="wshelp32.pdb" />
<File Id="fil_xpprof32_pdb" LongName="xpprof32.pdb" Name="xpprof32.pdb" />
</Component>
</Directory>
<Directory Id="ProgramMenuFolder">
- <Directory Id="dirShortcut" LongName="$(loc.ProductName)" Name="$(loc.ProductNameShort)">
+ <Directory Id="dirShortcut" LongName="$(loc.ProductName)" Name="KFW">
</Directory>
</Directory>
<Directory Id="StartupFolder">
+2004-12-18 Jeffrey Altman <jaltman@mit.edu>
+
+ Add Debug Symbols as an optional install feature for
+ release builds of KFW2004-08-20 Jeffrey Altman <jaltman@mit.edu>
+
+2004-12-15 Jeffrey Altman <jaltman@mit.edu>
+
+ Update for WiX 2.1 installer
+
2004-08-20 Asanka Herath <asanka@mit.edu>
New WiX 2.0 MSI for KFW
\ No newline at end of file
-->
<String Id="ProductName">Kerberos for Windows</String>
- <String Id="ProductNameShort">Kerberos</String>
+ <String Id="ProductNameShort">KFW</String>
<String Id="ProductMIT">MIT</String>
<String Id="ProductDebug">Debug/Checked</String>
<String Id="ProductBeta">Beta</String>
<String Id="KerberosClientTitle">Client</String>
<String Id="KerberosClientDesc">Kerberos client utilities, libraries and documentation</String>
+ <String Id="StrKerberosClientDebugTitle">Debug symbols</String>
+ <String Id="StrKerberosClientDebugDesc">Debugging symbols for Kerberos for Windows components.</String>
+
<String Id="KerberosSDKTitle">SDK</String>
<String Id="KerberosSDKDesc">Libraries and header files for developing software with Kerberos</String>
<String Id="IE501Required">Kerberos for Windows requires Microsoft Internet Explorer version 5.01 or higher. Please resolve this and run the installer again.</String>
<String Id="ARPComments">Build of</String>
-
+
</WixLocalization>
\ No newline at end of file
<!-- TargetDir should point to build target directory and must end with
a backslash. If not specified, assume we are in TargetDir\install -->
- <?define TargetDir="d:\work\kfwbins\"?>
+ <?define TargetDir="c:\temp\kfw\kfw-2.6.6-alpha\"?>
<!-- ConfigDir should point to directory containing configuration files
(krb5.ini, krb.con, krbrealm.con) to be bundled with the installer.
The directory name should end with a backslash. -->
- <?define ConfigDir="$(env.SystemRoot)\"?>
+ <?define ConfigDir="c:\temp\kfw\kfw-2.5-extra\sample-config\"?>
<!-- VersionMajor, VersionMinor and VersionPatch must all be specified, or
none should be specified (in which case, the defaults will be
<!-- At most one of the following could be defined and must correspond
to the type of build performed. -->
- <!-- <?define Debug?> -->
- <?define Release?>
-
+ <?define Debug?>
+ <!-- <?define Release?> -->
+
+ <!-- We are including debug symbols anyway. Undefine this for a leaner installer without debug syms. -->
+ <?define DebugSyms?>
+
<!-- Optional defines -->
- <!-- <?define Beta=""?> --> <!-- Numeric Beta identifier -->
+ <?define Beta="1"?> <!-- Numeric Beta identifier -->
<!-- <?define OldHelp?> --> <!-- Specifies the use of the old leash32.hlp file
instead of the new leash32.chm file -->
<?ifndef VersionMajor?>
<?define VersionMajor="2"?>
<?define VersionMinor="6"?>
- <?define VersionPatch="0001"?>
+ <?define VersionPatch="6"?>
<?else?>
<?if Not ($(var.VersionMinor) And $(var.VersionPatch))?>
<?error VersionMajor, VersionMinor and VersionPatch should be specified together?>
#if !defined(_WIN32)
#error not win32??
#else
-#define K5_ORIGINAL_NAME "krb5support32.dll\0"
+#define K5_ORIGINAL_NAME "k5sprt32.dll\0"
#endif
#endif /* support */